False positive in java.lang.security.system.system-setproperty-hardcoded-secret #3312
Open
Description
class HelloWorld {
    public static void main(String[] args) {
        System.setProperty("javax.net.ssl.trustStorePassword", environment.getProperty("truststorePassword"));
    }
}
Hello.java
...java.lang.security.system.system-setproperty-hardcoded-secret.java.lang.security.system.system-setproperty-hardcoded-secret.system-setproperty-hardcoded-secret
A secret is hard-coded in the application. Secrets stored in source code, such as credentials,
identifiers, and other types of sensitive data, can be leaked and used by internal or external
malicious actors. Use environment variables to securely provide credentials and other secrets or
retrieve them from a secure vault or Hardware Security Module (HSM).
Details: https://sg.run/KAzn
3┆ System.setProperty("javax.net.ssl.trustStorePassword",
environment.getProperty("truststorePassword"));