@sun-asterisk/sunlint/rules/common/C041_no_sensitive_hardcode/config.json

☀️ SunLint - Multi-language static analysis tool for code quality and security | Sun* Engineering Standards

{
  "id": "C041",
  "name": "C041_do_not_hardcode_or_push_sensitive_information",
  "category": "architecture",
  "description": "C041 - Do not hardcode or push sensitive information (token, API key, secret, URL) into the repo",
  "severity": "warning",
  "enabled": true,
  "semantic": {
    "enabled": true,
    "priority": "high",
    "fallback": "heuristic"
  },
  "patterns": {
    "include": [
      "**/*.js",
      "**/*.ts",
      "**/*.jsx",
      "**/*.tsx"
    ],
    "exclude": [
      "**/*.test.*",
      "**/*.spec.*",
      "**/*.mock.*",
      "**/test/**",
      "**/tests/**",
      "**/spec/**"
    ]
  },
  "options": {
    "strictMode": false,
    "allowedDbMethods": [],
    "repositoryPatterns": [
      "*Repository*",
      "*Repo*",
      "*DAO*",
      "*Store*"
    ],
    "servicePatterns": [
      "*Service*",
      "*UseCase*",
      "*Handler*",
      "*Manager*"
    ],
    "complexityThreshold": {
      "methodLength": 200,
      "cyclomaticComplexity": 5,
      "nestedDepth": 3
    }
  },
  "languages": [
    "typescript",
    "javascript",
    "dart"
  ]
}