forked from DeepSourceCorp/globstar
hardcoded_credential.test.py
import os
def main():
    # Test fixture for a hard-coded-credential check. Each case is a call
    # preceded by a marker comment: `<expect-error>` where a finding is expected
    # on the following line, `<no-error>` where none is expected.
    # The markers are presumably read by the test harness, so each one stays
    # directly above the line it annotates.
    # The called functions are not defined in the visible file; the calls exist
    # to be analysed, not executed.
    # NOTE(review): the literals below look like synthetic sample values (two of
    # them contain "TEST") - confirm none is a live credential before copying
    # this fixture elsewhere.

    # These should be flagged
    # String literals passed directly as `token`, `password`, `key` and `secret`
    # keyword arguments.
    # <expect-error>
    connect(host="example.com", token="hqd#18ey283y28wdbbcwbd1ueh1ue2h")
    # <expect-error>
    set_password(password="A3b$c8d!eF9gHiJkLmNoPqRsTuVwXyZ")
    # NOTE(review): `key` and `secret` share one marker on one line, so this case
    # does not show whether each argument is reported separately.
    # <expect-error>
    configure(key="AKIATESTKEYTESTKEYTESTKEYTEST", secret="TEST/SECRET/KEY/EXAMPLE/1234567890")

    # These should NOT be flagged
    # NOTE(review): "password123" is still a hard-coded password; this case only
    # records that the check skips low-entropy strings, not that such a value is
    # acceptable in real code.
    # <no-error>
    set_password(password="password123") # Low entropy
    # Keyword names `username` and `value` are not treated as sensitive.
    # <no-error>
    configure(username="test_user", value=42) # Not a sensitive argument

    # Should not flag non-string values
    # The token is read from the environment at run time, so the argument is a
    # call expression rather than a string literal.
    # <no-error>
    set_token(token=os.getenv("API_TOKEN"))

    # Should not flag commented out code
    # <no-error>
    # connect(host="example.com", token="commented_out_secret")

    # Edge cases
    # A sensitive-looking position with nothing in it, and a non-string literal.
    # <no-error>
    empty_string(arg="") # Empty string
    # <no-error>
    numeric_value(key=12345) # Not a string