Details

    • Type: Language-Specification
    • Status: Active
    • Resolution: Unresolved
    • Labels:
      None
    • Impact:
      Unknown 'null' severity
    • Likelihood:
      Unknown 'null' severity
    • Default Quality Profiles:
      Sonar way, Sonar way recommended

      Description

      Sensitive Code Example

      var mysql = require('mysql');
      
      var connection = mysql.createConnection(
      {
        host:'localhost',
        user: "admin",
        database: "project",
        password: "mypassword", // sensitive 
        multipleStatements: true
      });
      
      connection.connect(); 
      

      Compliant Solution

      var mysql = require('mysql');
      
      var connection = mysql.createConnection({
        host: process.env.MYSQL_URL,
        user: process.env.MYSQL_USERNAME,
        password: process.env.MYSQL_PASSWORD,
        database: process.env.MYSQL_DATABASE
      });
      connection.connect();
      

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            yassin.kammoun Yassin Kammoun
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated: