Is it safe to check Secrets/ProfileKey into source control?

We have just intercepted the latest rules from our SonarCloud instance, and the slconfig file has been updated to the following:

  "ServerUri": "<Redacted>",
  "Organization": null,
  "ProjectKey": "<Redacted>",
  "ProjectName": "<Redacted>",
  "Profiles": {
    "Secrets": {
      "ProfileKey": "<Redacted>",
      "ProfileTimestamp": "2023-03-11T10:43:34Z"
    "CSharp": {
      "ProfileKey": "<Redacted>",
      "ProfileTimestamp": "2023-02-02T09:18:50Z"

I gather that CSharp/ProfileKey is just part of the URL that resolves the quality profile. However, Secrets/ProfileKey is new and contains a different value. What is this used for and is it safe to check it into source control?

It’s the identifier for the Secrets rules Quality Profile. It is safe to check it in to source control.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.