Java: Fix False Positive for Hardcoded Password and SQL injection
What does this MR do?
- Fixes False Positive rule for Hardcoded password
- Fixes False Positive rule for SQL Injection
NOTE: I've manually pulled the changes from the sast-rules
repository since the generated ruleset contains primary_identifiers
and secondary_identifiers
instead of identifiers
which AFAIK aren't compatible in Semgrep yet.
What are the relevant issue numbers?
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Job definition updated, if necessary -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer
Edited by Lucas Charles