After connecting Radar to GitHub, Radar will start scanning your repositories for secrets. You may immediately see alerts on your commits and PRs with reported secrets. Sometimes those reported secrets may be test secrets used for testing, so you can help Radar by configuring directories and files to ignore with the radar.yaml file.
The radar.yaml is a configuration file that can set settings in Radar per repository. To do this, the radar.yaml file must be set in the root directory. Here is an example Radar YAML file:
config # Findings maxFindingsPerFile25 secretTypes known_api_keys auth_urls crypto_keys api_keys # Excluding # Empty array does not exclude anything excludedDirectories **/.git **/.vscode **/.xcodeproj **/bower_components **/node_modules **/@types **/test **/tests excludedFiles package-lock.json npm-shrinkwrap.json yarn.lock go.sum certs.go changelog.md excludedFileExts # Including # Empty array includes everything includedFiles includedDirectories includedFileExts
Updated 4 months ago