gitlab.gosec.G101-1

unknown

Download Count*

MIT

License

The use of hard-coded passwords increases the possibility of password guessing tremendously.

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit Rule View Source

Open in Playground

rules:
  - id: gosec.G101-1
    patterns:
      - pattern-either:
          - pattern: $MASK = "..."
      - metavariable-regex:
          metavariable: $MASK
          regex: (password|pass|passwd|pwd|secret|token)
    message: >
      The use of hard-coded passwords increases the possibility of password
      guessing tremendously.
    metadata:
      cwe: "CWE-259: Use of Hard-coded Password"
      owasp: "A3: Broken Authentication and Session Management"
      primary_identifier: gosec.G101-1
      secondary_identifiers:
        - name: Gosec Rule ID G101
          type: gosec_rule_id
          value: G101
      license: MIT
    severity: ERROR
    languages:
      - go

Short Link: https://sg.run/XOBj