String.format("...authPassword=%s...", password);
is marked with the error in the title, while the password is not hard coded.
Hello,
Can you clarify which version of SonarQube and Java analyzer you are using if you are not running SonarQube 8.5?
Thanks
I’m using SonarQube Community Edition Version 7.5 (build 20543
SonarQube 7.5 is no longer maintained so nothing will be fixed for that version.
You should think about upgrading to SQ 8.5 where we did improvements to have the Security Hotspot S2068 raising less noise.
We are using SQv9.9.2 (build 77730), still I’m seeing this error.
‘AUTH’ detected in this expression, review this potentially hard-coded secret.