github / codeql

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
https://codeql.github.com
MIT License

LGTM.com - false positive #6927

Open jsoucheiron opened 2 years ago

jsoucheiron commented 2 years ago

LGTM is treating ARNs, account IDs and other non-sensitive data as sensitive data

URL to the alert on the project page on LGTM.com https://lgtm.com/projects/g/Skyscanner/cfripper/snapshot/c9e8a747e5589f850ba67704fc4be84562061123/files/cfripper/boto3_client.py#x73c37dd94095cfcd:1

RasmusWL commented 2 years ago

Hi @jsoucheiron, thanks for reporting this. I agree that this alert isn't very useful. I'll update this issue once we've solved the problem.

For now, if you're very annoyed by these alerts, I wanted to let you know that it is possible to suppress them on LGTM.com.

jsoucheiron commented 2 years ago

NP, keep up the good work