Code Analysis

.deepsource.toml

This section covers .deepsource.toml configuration specific to the secrets analyzer. Please make sure to read the general configuration guide first.

name

  • Type: String
  • Presence: mandatory
  • Description: Shortcode of the analyzer.
  • Example:
name = "secrets"

enabled

  • Type: Boolean
  • Presence: optional
  • Description: Toggle whether this analyzer should be run.
  • Example:
enabled = true

The Secrets analyzer only detects hardcoded secrets in non-test files. To specify a certain pattern of files as test files, add them as test patterns in the configuration.

Sample config

version = 1

test_patterns = [
  "test/**",
  "test_e2e/**"
]

exclude_patterns = [
  "**/examples/**"
]

[[analyzers]]
name = "secrets"
enabled = true