Must-share information (formatted with Markdown):
which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
- Enterprise Edition
- Version 8.5 (build 37579)
what are you trying to achieve
Our engineer also put plain password / apikey / token in the configuration file and push it to the repository. Does these are any solution to scan these configuration files so we can identify the sensitive data? We hope to alert this behavior by sonarqube. Look forward your rely and thanks in advance.