Lower the precision of a range of harcoded password queries to remove them from query suites.

michaelnebel · michaelnebel · commit 03ecd244694a · 2025-05-19T09:26:45.000+02:00
diff --git a/csharp/ql/src/Configuration/PasswordInConfigurationFile.ql b/csharp/ql/src/Configuration/PasswordInConfigurationFile.ql
@@ -4,7 +4,7 @@
  * @kind problem
  * @problem.severity warning
  * @security-severity 7.5
- * @precision medium
+ * @precision low
  * @id cs/password-in-configuration
  * @tags security
  *       external/cwe/cwe-013
diff --git a/csharp/ql/src/Security Features/CWE-798/HardcodedConnectionString.ql b/csharp/ql/src/Security Features/CWE-798/HardcodedConnectionString.ql
@@ -4,7 +4,7 @@
  * @kind path-problem
  * @problem.severity error
  * @security-severity 9.8
- * @precision medium
+ * @precision low
  * @id cs/hardcoded-connection-string-credentials
  * @tags security
  *       external/cwe/cwe-259
diff --git a/csharp/ql/src/Security Features/CWE-798/HardcodedCredentials.ql b/csharp/ql/src/Security Features/CWE-798/HardcodedCredentials.ql
@@ -4,7 +4,7 @@
  * @kind path-problem
  * @problem.severity error
  * @security-severity 9.8
- * @precision medium
+ * @precision low
  * @id cs/hardcoded-credentials
  * @tags security
  *       external/cwe/cwe-259
diff --git a/go/ql/src/Security/CWE-798/HardcodedCredentials.ql b/go/ql/src/Security/CWE-798/HardcodedCredentials.ql
@@ -5,7 +5,7 @@
  * @kind problem
  * @problem.severity warning
  * @security-severity 9.8
- * @precision medium
+ * @precision low
  * @id go/hardcoded-credentials
  * @tags security
  *       external/cwe/cwe-259
diff --git a/java/ql/src/Security/CWE/CWE-798/HardcodedCredentialsApiCall.ql b/java/ql/src/Security/CWE/CWE-798/HardcodedCredentialsApiCall.ql
@@ -4,7 +4,7 @@
  * @kind path-problem
  * @problem.severity error
  * @security-severity 9.8
- * @precision medium
+ * @precision low
  * @id java/hardcoded-credential-api-call
  * @tags security
  *       external/cwe/cwe-798
diff --git a/javascript/ql/src/Security/CWE-313/PasswordInConfigurationFile.ql b/javascript/ql/src/Security/CWE-313/PasswordInConfigurationFile.ql
@@ -4,7 +4,7 @@
  * @kind problem
  * @problem.severity warning
  * @security-severity 7.5
- * @precision medium
+ * @precision low
  * @id js/password-in-configuration-file
  * @tags security
  *       external/cwe/cwe-256
diff --git a/javascript/ql/src/Security/CWE-798/HardcodedCredentials.ql b/javascript/ql/src/Security/CWE-798/HardcodedCredentials.ql
@@ -5,7 +5,7 @@
  * @kind path-problem
  * @problem.severity warning
  * @security-severity 9.8
- * @precision high
+ * @precision low
  * @id js/hardcoded-credentials
  * @tags security
  *       external/cwe/cwe-259
diff --git a/python/ql/src/Security/CWE-798/HardcodedCredentials.ql b/python/ql/src/Security/CWE-798/HardcodedCredentials.ql
@@ -4,7 +4,7 @@
  * @kind path-problem
  * @problem.severity error
  * @security-severity 9.8
- * @precision medium
+ * @precision low
  * @id py/hardcoded-credentials
  * @tags security
  *       external/cwe/cwe-259
diff --git a/ruby/ql/src/queries/security/cwe-798/HardcodedCredentials.ql b/ruby/ql/src/queries/security/cwe-798/HardcodedCredentials.ql
@@ -4,7 +4,7 @@
  * @kind path-problem
  * @problem.severity error
  * @security-severity 9.8
- * @precision medium
+ * @precision low
  * @id rb/hardcoded-credentials
  * @tags security
  *       external/cwe/cwe-259
diff --git a/swift/ql/src/queries/Security/CWE-259/ConstantPassword.ql b/swift/ql/src/queries/Security/CWE-259/ConstantPassword.ql
@@ -4,7 +4,7 @@
  * @kind path-problem
  * @problem.severity error
  * @security-severity 6.8
- * @precision high
+ * @precision low
  * @id swift/constant-password
  * @tags security
  *       external/cwe/cwe-259
diff --git a/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql b/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql
@@ -4,7 +4,7 @@
  * @kind path-problem
  * @problem.severity error
  * @security-severity 8.1
- * @precision high
+ * @precision low
  * @id swift/hardcoded-key
  * @tags security
  *       external/cwe/cwe-321
