{ "patterns": { "customSecretPatterns": [ { "name": "custom_api_key", "pattern": "api[_-]?key\\s*[=:]\\s*['\"][a-zA-Z0-9]{32,}['\"]", "category": "Secret", "severity": "High", "description": "Custom API key pattern", "recommendation": "Move API keys to environment variables or secure key management", "enabled": true } ], "customVulnerabilityPatterns": [ { "name": "template_injection", "pattern": "\\{\\{.*\\|.*\\}\\}|\\$\\{.*\\}", "category": "Injection", "severity": "Medium", "description": "Potential template injection vulnerability", "recommendation": "Sanitize template inputs and use safe template engines", "enabled": true } ], "excludedPatterns": [ "example", "placeholder", "your_api_key", "test", "demo", "localhost", "127.0.0.1" ], "enableEntropyBasedDetection": false, "entropyThreshold": 4.5 }, "scanSettings": { "includedFileExtensions": [ ".cs", ".js", ".ts", ".py", ".java", ".php", ".rb", ".go", ".cpp", ".c", ".h", ".json", ".xml", ".config", ".yml", ".yaml", ".properties", ".ini", ".env" ], "excludedDirectories": [ "node_modules", "bin", "obj", ".git", ".vs", "packages", "target", "build", ".vscode", "coverage", "dist", "out", "__pycache__", ".pytest_cache" ], "excludedFiles": [ "*.min.js", "*.min.css", "package-lock.json", "yarn.lock", "*.map" ], "maxFileSizeBytes": 10485760, "maxFilesPerScan": 10000, "defaultSeverityLevel": "medium", "enableContextAnalysis": true, "contextLineRadius": 2 }, "reporting": { "outputFormats": ["json", "markdown", "sarif"], "includeRecommendations": true, "includeCodeContext": true, "maskSensitiveValues": true, "reportTemplate": "default", "customReportSettings": { "includeMetrics": true, "includeTrends": false } }, "performance": { "maxParallelism": 0, "enableCaching": true, "cacheExpiryMinutes": 60, "enableIncrementalAnalysis": false, "timeoutSeconds": 300, "rateLimitDelayMs": 100 } }