filter out the noise password={anything} in regex

microsoft / sarif-pattern-matcher

Quality domain agnostic regular expression pattern matcher that persists results to SARIF

MIT License

39 stars 17 forks source link

filter out the noise password={anything} in regex #777

Closed LingZhou-gh closed 1 year ago

LingZhou-gh commented 1 year ago

Changes

Minor regex change of rule 036 & 037 & 038 to filter out the noise of the following format: password={anything} or password=[anything] or password=(anything). Release record of FPC (Regex candidate reduction) is added.

LingZhou-gh commented 1 year ago

Abandon this PR as the noise reduction are made in Static Validation phase.