Python
JavaScript
Java
Go
C#
Ansible
AWS CloudFormation Linter
C & C++
Dart Analyze
Docker
Kotlin
KubeLinter
PHP
Ruby
Rust
Scala
Secrets
Shell
Slither
Solhint
SQL
Swift
Terraform
Test coverageSecrets detected in source codeSCT-1000Hardcoded Adafruit API key in source codeSCT-1011Hardcoded Alibaba credentials in source codeSCT-1036Hardcoded Asana credentials in source codeSCT-1037Hardcoded Clojars API token in source codeSCT-1040Hardcoded Databricks API token in source codeSCT-1045Hardcoded Dropbox credentials in source codeSCT-1058Hardcoded AWS access token in source codeSCT-1002Hardcoded Google Cloud Platform API key in source codeSCT-1003Hardcoded Stripe access token in source codeSCT-1005Hardcoded Slack access token in source codeSCT-1006Hardcoded GitHub token in source codeSCT-1008Hardcoded GitLab token in source codeSCT-1009Hardcoded Atlassian API token in source codeSCT-1010Hardcoded Adobe client ID/secret in source codeSCT-1012Hardcoded OpenAI API key in source codeSCT-1013Hardcoded Datadog access token in source codeSCT-1014Hardcoded DigitalOcean token in source codeSCT-1015Hardcoded Fastly API token in source codeSCT-1016Hardcoded Linear API key/client secret in source codeSCT-1018Hardcoded New Relic API key in source codeSCT-1019Hardcoded PlanetScale credentials in source codeSCT-1020Hardcoded Postman API token in source codeSCT-1021Hardcoded Twilio API key in source codeSCT-1022Hardcoded DeepSource Personal Access Token (PAT) in source codeSCT-1023Hardcoded Prefect API token in source codeSCT-1024Hardcoded Readme API token in source codeSCT-1028Hardcoded RubyGems API in source codeSCT-1029Hardcoded Sendbird API token in source codeSCT-1030Hardcoded Brevo (Formerly Sendinblue) API token in source codeSCT-1031Hardcoded DroneCI access token in source codeSCT-1033Hardcoded Airtable API key in source codeSCT-1034Hardcoded Algolia API key in source codeSCT-1035Hardcoded Beamer API token in source codeSCT-1038Hardcoded Bittrex credentials in source codeSCT-1039Hardcoded Codecov access token in source codeSCT-1041Hardcoded Coinbase access token in source codeSCT-1042Hardcoded Confluent credentials in source codeSCT-1043Hardcoded Contentful API token in source codeSCT-1044Hardcoded Discord credentials in source codeSCT-1046Hardcoded Doppler API token in source codeSCT-1047Hardcoded Sumologic API key in source codeSCT-1048Hardcoded Twitch API token in source codeSCT-1051Hardcoded Twitter API token in source codeSCT-1052Hardcoded Duffel API token in source codeSCT-1059Hardcoded Dynatrace API token in source codeSCT-1060Hardcoded EasyPost credentials in source codeSCT-1061Hardcoded Etsy access token in source codeSCT-1062Hardcoded Facebook access token in source codeSCT-1063Hardcoded Finicity credentials in source codeSCT-1064Hardcoded Finnhub access token in source codeSCT-1065Hardcoded Flickr access token in source codeSCT-1066Hardcoded Flutterwave credentials in source codeSCT-1067Hardcoded FreshBooks access token in source codeSCT-1069Hardcoded Slack web hook in source codeSCT-1007Hardcoded PyPI upload API token in source codeSCT-1026Hardcoded SendGrid API token in source codeSCT-1032Hardcoded Pulumi API token in source codeSCT-1025Hardcoded JavaScript Web Token in source codeSCT-1004Hardcoded HashiCorp Terraform API token in source codeSCT-1017Hardcoded Rapid API access token in source codeSCT-1027Hardcoded Telegram Bot API token in source codeSCT-1049Hardcoded TravisCI API key in source codeSCT-1050Hardcoded private key in source codeSCT-1001Hardcoded Frame.io API token in source codeSCT-1068Possible hardcoded secrets detected in source codeSCT-A000
Possible hardcoded secrets detected in source codeSCT-A000
Minor
SecretsHardcoded secret with a low Shannon entropy (<4.5) detected in source code. This could be a valid secret and it is recommended to audit the use and verify if it is indeed valid.
If it is a place-holder, you can ignore this issue, or add a skipcq: SCT-A000 pragma to silence this warning.
This issue is detected for secrets that are assigned to a variable having password, secret and _key in their name,
and the value of the secret has a Shannon entropy between 3 and 4.5.