[[rules]]
id = "jdbc-credentials"
description = "JDBC connection string with credentials"
regex = '''jdbc:[^"]*user=.*&password=.*|jdbc:[^"']*:[^"']*@[^"']*'''
tags = ["credentials","db","jdbc"]
severity = "high"

[[rules]]
id = "db-password-assignment"
description = "Generic DB password assignment"
regex = '''(?i)(db|database|jdbc|connection).*(password|passwd)\s*[:=]\s*['"][^'"]+['"]'''
tags = ["credentials"]
severity = "high"

[[rules]]
id = "hardcoded-password"
description = "Hardcoded Password"
regex = '''(?i)(password|passwd|pwd)\s*[:=]\s*['"][^'"]+['"]'''
tags = ["password", "security"]
severity = "high"