codacy-opengrep/docs/multiple-tests/codacy-rules-java/src/Program.java at 060de5353714db5cc474c9d27867ad04396fb124 · codacy/codacy-opengrep · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
import java.io.Console;
import de.hybris.platform.servicelayer.search.FlexibleSearchQuery;

class Program
    {
        public static void main(String[] args)
        {
            private static final String PASSWORD = "password" ; // Issue: Hardcoded password
            private static final String API_KEY = "api_key" ; // Issue: Hardcoded API key
            private static final String API_SECRET = "api_secret" ; // Issue: Hardcoded API secret
            final FlexibleSearchQuery query = new FlexibleSearchQuery("SELECT {a.pk} FROM {TEST AS a} WHERE {a.uid} ="+ uid +" AND {a.visibleInAddressBook} = true");

            final FlexibleSearchQuery okquery = new FlexibleSearchQuery(
                "SELECT {a.pk} FROM {TEST AS a} WHERE {a.uid} = ?uid AND {a.visibleInAddressBook} = true"
            );
            okquery.addQueryParameter("uid", uid);
            System.out.println("This is a security risk: " + PASSWORD);
            System.out.println("This is a security risk: " + API_KEY);
            System.out.println("This is a security risk: " + API_SECRET);
        }
    }