Secret Detection Configuration Options

The following table shows the configuration options available for the Secret Detection scanner. These configuration options can be applied on the Account > Project > Scan levels. These configurations can be set via the web application (UI), CLI or API, as shown in the table below.

Notice

CLI flags are submitted on the scan level with the scan create command. API configs can be configured on the account or project level using the Scan Configuration APIs or on the scan level as part of the request body of the POST /scans API

Parameter	Values	Notes	CLI	API
GIT commit history	true / false	When set to `true` Secret Detection scans both the source code and Git commit history, providing full historical coverage for compliance and deeper analysis. When set to `false` (default), Secret Detection scans the source code only. For more information on scanning GIT commit history, see Git commit history	`--scs-commit-history`	On account and project level: `scan.config.microengines.gitCommitHistory` On scan level: `2msCommitHistory`

Parameter

Values

Notes

CLI

API

GIT commit history

true / false

When set to true Secret Detection scans both the source code and Git commit history, providing full historical coverage for compliance and deeper analysis.

When set to false (default), Secret Detection scans the source code only.

For more information on scanning GIT commit history, see Git commit history

--scs-commit-history

On account and project level:

scan.config.microengines.gitCommitHistory

On scan level:

2msCommitHistory

In this section:

Secret Detection Configuration Options

Notice

Search results