gitlab.bandit.B107

Hardcoded password is used as a default argument to '$FUNC'. This could be dangerous if a real password is not supplied.

Definition

rules:
  - id: bandit.B107
    patterns:
      - pattern: |
          def $FUNC(..., password="...", ...):
            ...
    message: >
      Hardcoded password is used as a default argument to '$FUNC'. This could be
      dangerous if a real password is not supplied.
    metadata:
      cwe: "CWE-259: Use of Hard-coded Password"
      owasp: "A3: Broken Authentication and Session Management"
      primary_identifier: bandit.B107
      secondary_identifiers:
        - name: Bandit Test ID B107
          type: bandit_test_id
          value: B107
      license: MIT
    severity: WARNING
    languages:
      - python
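As an added illustration, not part of this rule page nor code from the Bandit or Semgrep projects, the Python below shows the function shape the pattern `def $FUNC(..., password="...", ...)` flags next to a hardened form whose default is `None` and whose missing secret fails loudly, plus an `ast`-based check that reports the same shape (positional and keyword-only parameters) over constructed sample source. The function names, the `DB_PASSWORD` variable and the sample password values are assumptions made for the example.

```python
"""Added illustration, not part of the rule page or the Semgrep/Bandit projects:
the shape of code bandit.B107 flags, a hardened alternative, and a small AST
check that mirrors the rule's `def $FUNC(..., password="...", ...)` pattern."""
import ast
import os
from typing import List, Mapping, Optional, Tuple


# The flagged shape: a string literal as the default for `password`.
# A caller that omits the argument silently authenticates with the literal.
def connect_insecure(host: str, password: str = "changeme") -> dict:  # constructed value
    source = "hardcoded default" if password == "changeme" else "caller"
    return {"host": host, "password_source": source}


class MissingPasswordError(ValueError):
    """No password was passed and none is available from the environment."""


def resolve_password(password: Optional[str],
                     env: Optional[Mapping[str, str]] = None,
                     var: str = "DB_PASSWORD") -> Tuple[str, str]:
    """Return (secret, source). `env` is injectable so the lookup can be
    exercised without touching the real process environment; `DB_PASSWORD`
    is an assumed variable name."""
    if password:
        return password, "caller"
    lookup = os.environ if env is None else env
    from_env = lookup.get(var)
    if from_env:
        return from_env, "environment"
    raise MissingPasswordError(f"no password supplied and {var} is not set")


def connect(host: str, password: Optional[str] = None,
            env: Optional[Mapping[str, str]] = None) -> dict:
    """Hardened form: the default is None, which the rule's pattern does not
    match, and a missing secret is a loud failure rather than a silent fallback."""
    _secret, source = resolve_password(password, env)
    # A real implementation would open the connection with `_secret` here.
    return {"host": host, "password_source": source}


def find_default_password_args(source: str) -> List[Tuple[str, int]]:
    """Return (function name, line) for every def whose `password` parameter
    defaults to a string literal: the shape the Semgrep pattern matches,
    expressed as an AST walk over positional and keyword-only parameters."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)):
            continue
        a = node.args
        # Positional defaults align with the last len(defaults) positional params.
        positional = a.posonlyargs + a.args
        pairs = list(zip(positional[len(positional) - len(a.defaults):], a.defaults))
        # Keyword-only defaults are parallel to kwonlyargs, with None where absent.
        pairs += [(p, d) for p, d in zip(a.kwonlyargs, a.kw_defaults) if d is not None]
        for param, default in pairs:
            if (param.arg == "password"
                    and isinstance(default, ast.Constant)
                    and isinstance(default.value, str)):
                findings.append((node.name, node.lineno))
    return findings


# Constructed sample source: two hits (positional and keyword-only literal
# defaults) and one clean function.
SAMPLE_SOURCE = '''\
def connect_insecure(host, password="changeme"):
    return host

def connect(host, password=None):
    return host

def login(user, *, password="s3cret"):
    return user
'''

if __name__ == "__main__":
    for name, line in find_default_password_args(SAMPLE_SOURCE):
        print(f"B107: '{name}' at line {line} has a hardcoded default password")
```

The AST check is deliberately as narrow as the rule: it only looks at a parameter literally named `password` with a string-literal default, so `password=None` (the hardened form) does not match, and a default read from configuration at call time is never embedded in the source to begin with.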