The JavaScript rule "Avoid hard-coded or in-comment passwords in code" (rule code OPT.JAVASCRIPT.PasswordInComments) searches for hard-coded passwords in source code.
This rule checks whether comments in the code contain expressions that match a predefined regexp pattern, so it can produce several false positives and/or false negatives.
The rule has a parameter, "passwordPattern", that you can edit to change the default pattern if you are finding too many false positives.
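To show why matching comments against a pattern yields both false positives and false negatives, and what tightening the pattern changes, here is an added JavaScript example. It is not Kiuwan's implementation: the `LOOSE` and `STRICT` patterns, the function names and the sample source are constructed for illustration, and neither pattern is the rule's default "passwordPattern" value.

```javascript
// Added illustration, not Kiuwan's code. Both patterns are constructed for
// this example; neither is the rule's default passwordPattern value.
const LOOSE = /(password|passwd|pwd)/i;
const STRICT = /\b(password|passwd|pwd)\s*[:=]\s*\S+/i;

// Collect // and /* */ comments, skipping string and template literals so
// markers inside quotes (e.g. "http://...") are not misread. Regex literals
// are not handled; a real analyzer would work on the parser's tokens.
function extractComments(src) {
  const out = [];
  let i = 0, line = 1;
  while (i < src.length) {
    const c = src[i], two = src.slice(i, i + 2);
    if (c === '"' || c === "'" || c === '`') {
      for (i++; i < src.length && src[i] !== c; i++) {
        if (src[i] === '\\') i++;          // skip the escaped character
        if (src[i] === '\n') line++;
      }
      i++;                                 // closing quote
    } else if (two === '//' || two === '/*') {
      const close = two === '//' ? '\n' : '*/';
      let end = src.indexOf(close, i + 2);
      if (end === -1) end = src.length;    // unterminated comment
      const text = src.slice(i + 2, end);
      out.push({ line, text });
      line += text.split('\n').length - 1; // newlines inside a block comment
      i = two === '//' ? end : end + 2;    // leave '\n' for the line counter
    } else {
      if (c === '\n') line++;
      i++;
    }
  }
  return out;
}

// Line numbers of comments whose text matches the given pattern.
function findPasswordComments(src, pattern) {
  return extractComments(src).filter(c => pattern.test(c.text)).map(c => c.line);
}

// Constructed sample input.
const SAMPLE = [
  'const url = "http://example.test/login"; // password: S3cr3t!',
  '// TODO: enforce the password policy on signup',
  '/* db login is admin / hunter2 */',
  'const hint = "// pwd=abc is only a string";',
].join('\n');
```

With `LOOSE`, lines 1 and 2 are reported, and line 2 is a false positive; with `STRICT`, only line 1 is reported. The credential in the block comment on line 3 is missed by both patterns, which is the false-negative case.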
The default regexp pattern is :