The file .env is not analyzed

I use Sonarqube version developer edition v10.5 1 to scan the source code. However, I notice that the .env file is not analyzed. Does sonarqube no longer support scanning .env files?

Hey there.

We don’t currently analyze dot-prefixed files.

1 Like

Thank you for answer.
Can you tell me the reason for not analyzing dot-prefixed files?

It’s ultimately a decision made nearly 14 years ago (SONAR-1467), so I probably can’t get down to an exact “why” – but at least back then, it was rare for hidden files to be code that you cared about.

However, I don’t think it’s safe for us to assume we should now analyze all hidden files, so we have to figure out the right solution.

1 Like

Thank you for answer.