SonarQube Custom rule for scanning HardCoded Credentials

javascript

(Michael St. Angelo) #1

Hey there!

I am using SonarQube trying to write a custom rule in Javascript. The rule will detect any hard coded credentials that are present and throw an error. I was curious if there might be something someone has already done for this or maybe has some insight on how to go about doing this.

Thanks,
Michael


(vicky) #2

@MikeSt You might want to refer this https://github.com/SonarSource/sonar-java/blob/master/java-checks/src/main/java/org/sonar/java/checks/HardCodedCredentialsCheck.java as it is already implemented in java and most of the things is similar in SonarJS. So it will help you a lot.