/** Property to read the password. */
// this triggers squid:S2068 but should not (FP)
public static final String DB_PASSWORD = "com.example.sonarqube.DB_PASSWORD";
public void test() {
// the default value "tiger" could trigger squid:S2068, but is likely hard to find
final char[] secret = System.getProperty(DB_PASSWORD, "tiger").toCharArray();
// ...
PasswordAuthentication pa = new PasswordAuthentication("scott", secret);
}
public void testFail() {
// this should trigger squid:S2068 and is easy to find.
PasswordAuthentication pa = new PasswordAuthentication("user", "mySecretPassword".toCharArray());
}
--
You received this message because you are subscribed to the Google Groups "SonarQube" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sonarqube+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sonarqube/30e8c110-1207-412c-898f-5438640594c4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
To view this discussion on the web visit https://groups.google.com/d/msgid/sonarqube/69599a85-16de-449d-a228-72121e3d395e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
To view this discussion on the web visit https://groups.google.com/d/msgid/sonarqube/05ce560b-b1a3-4152-bc48-4d686d4796a7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.