Secrets

Hardcoding credentials in code is never a good idea. If your source code falls into the hands of a malicious entity (and it happens more often than we'd like to acknowledge), they can use secrets from the source code to gain access to systems.

Suggest Edits

This section covers configuration specific to the Secrets analyzer. Please make sure you have read the general configuration guide first.

Configuration - `.deepsource.toml`

`name`

Type: String
Presence: mandatory
Description: Shortcode of the analyzer.
Example:

name = "secrets"

`enabled`

Type: Boolean
Presence: optional
Description: Toggle whether this analyzer should be run.
Example:

enabled = true

📘
The Secrets analyzer only detects hardcoded secrets in non-test files. To specify a certain pattern of files as test files, add them as test patterns, as shown in the example below.

Sample config

version = 1

test_patterns = [
  "test/**",
  "test_e2e/**"
]

exclude_patterns = [
  "**/examples/**"
]

[[analyzers]]
name = "secrets"
enabled = true

Updated 8 months ago

Configuration - .deepsource.toml

name

enabled

📘

Sample config

Configuration - `.deepsource.toml`

`name`

`enabled`