
Problem

The JavaScript rule "Avoid hard-coded or in-comment passwords in code" (rule code OPT.JAVASCRIPT.PasswordInComments) searches for hard-coded passwords in source code.

This rule checks whether comments in the code contain expressions that match a predefined regexp pattern, so it can lead to several false positives and/or false negatives.

Solution

This rule contains the parameter "passwordPattern" that you can edit to change the default pattern if you are finding too many false positives.
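Before changing "passwordPattern", it helps to measure a candidate pattern against comments you have already triaged. The following is an added example, not code from the product: the candidate regexp, the sample source and the ground-truth set are constructed, the candidate is not the rule's default pattern, and it is assumed that the pattern behaves the same in the analyzer's regexp dialect as in JavaScript.

```javascript
// Hypothetical candidate for passwordPattern; NOT the rule's default pattern.
const CANDIDATE = /\b(?:password|passwd|pwd)\b\s*[:=]\s*["']?[^\s"']{4,}/i;

// Constructed sample file: four comments plus a string literal that only looks like one.
const SAMPLE = [
  '// TODO: reset password = hunter2 before release',
  'const url = "http://example.test//pwd=notacomment";',
  '/* passwd: S3cr3t!x for the staging db */',
  '// password = required field in the form',
  '// login with the pass phrase Tr0ub4dor&3',
].join('\n');

// Constructed ground truth: comments a reviewer confirmed as holding a credential.
const REAL_SECRETS = new Set([
  'TODO: reset password = hunter2 before release',
  'passwd: S3cr3t!x for the staging db',
  'login with the pass phrase Tr0ub4dor&3',
]);

// Collect // and /* */ comment bodies, skipping string and template literals.
// Simplification: regex literals containing "//" are not recognised.
function extractComments(src) {
  const out = [];
  let i = 0;
  while (i < src.length) {
    const two = src.slice(i, i + 2);
    if (two === '//' || two === '/*') {
      const end = src.indexOf(two === '//' ? '\n' : '*/', i + 2);
      const stop = end === -1 ? src.length : end;
      out.push(src.slice(i + 2, stop).trim());
      i = two === '//' ? stop : stop + 2;
    } else if ('"\'`'.includes(src[i])) {
      const quote = src[i++];
      while (i < src.length && src[i] !== quote) i += src[i] === '\\' ? 2 : 1;
      i++; // step past the closing quote
    } else i++;
  }
  return out;
}

// Compare what the pattern flags in comments against the ground truth.
function evaluatePattern(pattern, src, secrets) {
  const comments = extractComments(src);
  const flagged = comments.filter((c) => pattern.test(c));
  const falsePositives = flagged.filter((c) => !secrets.has(c));
  const falseNegatives = comments.filter((c) => secrets.has(c) && !flagged.includes(c));
  return { flagged, falsePositives, falseNegatives };
}

console.log(evaluatePattern(CANDIDATE, SAMPLE, REAL_SECRETS));
```

On this sample the candidate flags a form-validation comment that holds no credential and misses the passphrase comment, which shows how tightening a pattern trades one kind of error for the other.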

The default regexp pattern is: