Token not being captured by Sonarqube

I am trying to add hard coded token in order to install package but sonarqube didn’t picket hardcoded token as security hotspot. Below is code
index_string = f’–extra-index-url https://{token} {package}’
Below are rules set on quality gate

token is hardcoded in python file. COuld you please suggest how to do it?


What edition and version of SonarQube are you using? If you’re not sure, you’ll find it in your page footer.