1. Exclusions

Embold uses default exclusions when a scan is triggered. But in case, you want to make changes to the default exclusions, you can check in embold.yaml file in the Base Directory (Root level of your repository).

Embold uses the YAML file format for configurations.

Embold supports exclusions using Regex patterns.

Example: Below is the regular expression “*(?i)(test|generated|mock|thirdparty|third-party|3rd-party|3rdparty|external)*

Please note that:

  • If embold.yaml file is not checked in in your repository, default exclusions will be considered.
    Default exclusions:
  #Files or Directories to be Excluded are mentioned in exclusions
    - 'test'
    - 'generated'
    - 'mock'
    - 'thirdparty'
    - 'third-party'
    - '3rd-party'
    - '3rdparty'
    - 'external'
    - 'build'
    - 'node_modules'
    - 'assets'
    - 'gulp'
    - 'grunt'
    - 'library'
    - 'libs'
    - '.git'
    - 'demosubproject'
  • If the embold.yaml file is checked in, but exclusions are not defined, no files will be excluded while scanning.
  • If the embold.yaml file is checked in, exclusions are defined, then exclusions from the checked in file will be considered while scanning. These will affect the executable lines of code in the source code.
#Files or Directories to be Excluded are mentioned in exclusions
- 'test'
- 'generated'
  • In the above example, all files/folders containing test or mock will be excluded.

2. Languages

All languages are detected by default by Embold. If you do not wish to scan all languages from your repository, you can update the embold.yaml file as shown below.

#languages: 'JAVA,CPP'

3. Modules

How to update modules?

To disable any specific module, use below syntax. List of all modules for a specific language is given in the table below.

#  - name: pmd
#    enabled: true

You can check the module name for a particular rule on https://rules.embold.io/

Below table shows a list of all languages and modules supported by Embold.

Sr no.LanguagesModulesDefault EnabledType
1Javapmd EnabledCode Issues
gamma_java EnabledCode Issues
spotbugsDisabledCode Issues
klocwork DisabledCode Issues
findsecbugs DisabledCode Issues
clover EnabledCoverage
jacoco EnabledCoverage
2CPPklocwork DisabledCode Issues
cpplint DisabledCode Issues
cppcheck EnabledCode Issues
embold_sec DisabledCode Issues
gtest EnabledUnit Test
gcov EnabledCoverage
3C_SHARPgamma_cs EnabledCode Issues
mstest EnabledUnit Test
coverlet EnabledCoverage
4Apexpmd EnabledCode Issues
5Objective_Cgamma_cxx EnabledCode Issues
6PHPembold_s ec DisabledCode Issues
phpmd EnabledCode Issues
phpcs EnabledCode Issues
7Pythonpylint EnabledCode Issues
dlintEnabledCode Issues
bandit EnabledCode Issues
8JavaScripteslint EnabledCode Issues
gamma_js EnabledCode Issues
jshint DisabledCode Issues
9TypeScripttslint EnabledCode Issues
10GOgometalinter EnabledCode Issues
gosec EnabledCode Issues
staticcheck EnabledCode Issues
11Kotlindetekt EnabledCode Issues
12Soliditysolium EnabledCode Issues
13SQLsqlcheck EnabledCode Issues
14Swiftswiftlint EnabledCode Issues
15Rubybrakeman EnabledCode Issues
16HTMLhtmlhint EnabledCode Issues
17CSSstylelintEnabledCode Issues
18ALLsonar DisabledCode Issues
gamma_generic DisabledCode Issues
relevance EnabledRelevance

4. Rules

To disable any specific rule, use below syntax. Add the list of rules inside a module it belongs to. List of all rules for a specific language can be found here.

    - name: gamma_java
      enabled: true
         - key: 'EMB-JAVA-10'
           enabled: false
  • Module name in which the rule belongs can be found under Module Name and “key” under Issue Key on the Rules page. Page also shows if the rules is enabled or disabled by default.

4. Custom Configurations

Python: Pylint specific configurations:

  1. To enable Pylint specific configurations, add pylintrc or .pylintrc file inbaseDir at root level of your repository.
  2. If your Pylint configuration file(pylintrc or .pylintrc) is present in some other directory, you can mention custom file path in embold.yaml.


- name: pylint    
       enabled: true    
         - name: config
            type: text
            required: true
            value: Abc/inference/pylintrc
  1. config file path is given in embold.yaml file (absolute / relative to baseDir)
  2. If configuration file is not present in baseDir OR if the custom file path is not mentioned in embold.yaml (pylintrc or .pylintrc, all default rules supported by pylint are enabled