diff --git a/extensions/arc/src/test/models/controllerModel.test.ts b/extensions/arc/src/test/models/controllerModel.test.ts
index 785ceb194b..a66d0ad42d 100644
--- a/extensions/arc/src/test/models/controllerModel.test.ts
+++ b/extensions/arc/src/test/models/controllerModel.test.ts
@@ -43,7 +43,7 @@ describe('ControllerModel', function (): void {
 		});
 
 		it('Reads password from cred store', async function (): Promise<void> {
-			const password = 'password123';
+			const password = 'password123'; // [SuppressMessage("Microsoft.Security", "CS001:SecretInline", Justification="Test password, not actually used")]
 
 			// Set up cred store to return our password
 			const credProviderMock = TypeMoq.Mock.ofType<azdata.CredentialProvider>();
diff --git a/extensions/sql-database-projects/src/test/baselines/publishProfileSqlLoginBaseline.publish.xml b/extensions/sql-database-projects/src/test/baselines/publishProfileSqlLoginBaseline.publish.xml
index c0b81ceaa3..480b980b97 100644
--- a/extensions/sql-database-projects/src/test/baselines/publishProfileSqlLoginBaseline.publish.xml
+++ b/extensions/sql-database-projects/src/test/baselines/publishProfileSqlLoginBaseline.publish.xml
@@ -4,6 +4,7 @@
     <IncludeCompositeObjects>True</IncludeCompositeObjects>
     <TargetDatabaseName>targetDb</TargetDatabaseName>
     <DeployScriptFileName>DatabaseProject1.sql</DeployScriptFileName>
+    <![CDATA[[SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Test password, not actually used")]]>
     <TargetConnectionString>Data Source=testserver;User Id=testUser;Password=abcd123;Integrated Security=false;Persist Security Info=False;Pooling=False;MultipleActiveResultSets=False;Connect Timeout=60;Encrypt=False;TrustServerCertificate=True</TargetConnectionString>
     <ProfileVersionNumber>1</ProfileVersionNumber>
   </PropertyGroup>