1. Exclusions
Embold uses default exclusions when a scan is triggered. But in case, you want to make changes to the default exclusions, you can check in embold.yaml file in the Base Directory (Root level of your repository).
Embold uses the YAML file format for configurations.
Embold supports exclusions using Regex patterns.
Example: Below is the regular expression “*(?i)(test|generated|mock|thirdparty|third-party|3rd-party|3rdparty|external)*“
Please note that:
- If embold.yaml file is not checked in in your repository, default exclusions will be considered.
Default exclusions:
sources:
#Files or Directories to be Excluded are mentioned in exclusions
exclusions:
- 'test'
- 'generated'
- 'mock'
- 'thirdparty'
- 'third-party'
- '3rd-party'
- '3rdparty'
- 'external'
- 'build'
- 'node_modules'
- 'assets'
- 'gulp'
- 'grunt'
- 'library'
- 'libs'
- '.git'
- 'demosubproject'
- If the embold.yaml file is checked in, but exclusions are not defined, no files will be excluded while scanning.
sources:
exclusions:- If the embold.yaml file is checked in, exclusions are defined, then exclusions from the checked in file will be considered while scanning. These will affect the executable lines of code in the source code.
sources:
#Files or Directories to be Excluded are mentioned in exclusions
exclusions:
- 'test'
- 'generated'- In the above example, all files/folders containing test or mock will be excluded.
2. Languages
All languages are detected by default by Embold. If you do not wish to scan all languages from your repository, you can update the embold.yaml file as shown below.
#languages: 'JAVA,CPP'3. Modules
How to update modules?
To disable any specific module, use below syntax. List of all modules for a specific language is given in the table below.
#modules:
# - name: pmd
# enabled: true
You can check the module name for a particular rule on https://rules.embold.io/
Below table shows a list of all languages and modules supported by Embold.
| Sr no. | Languages | Modules | Default Enabled | Type |
|---|---|---|---|---|
| 1 | Java | pmd | Enabled | Code Issues |
| gamma_java | Enabled | Code Issues | ||
| spotbugs | Disabled | Code Issues | ||
| klocwork | Disabled | Code Issues | ||
| findsecbugs | Disabled | Code Issues | ||
| clover | Enabled | Coverage | ||
| jacoco | Enabled | Coverage | ||
| 2 | CPP | klocwork | Disabled | Code Issues |
| cpplint | Disabled | Code Issues | ||
| cppcheck | Enabled | Code Issues | ||
| embold_sec | Disabled | Code Issues | ||
| gtest | Enabled | Unit Test | ||
| gcov | Enabled | Coverage | ||
| 3 | C_SHARP | gamma_cs | Enabled | Code Issues |
| mstest | Enabled | Unit Test | ||
| coverlet | Enabled | Coverage | ||
| 4 | Apex | pmd | Enabled | Code Issues |
| 5 | Objective_C | gamma_cxx | Enabled | Code Issues |
| 6 | PHP | embold_s ec | Disabled | Code Issues |
| phpmd | Enabled | Code Issues | ||
| phpcs | Enabled | Code Issues | ||
| 7 | Python | pylint | Enabled | Code Issues |
| dlint | Enabled | Code Issues | ||
| bandit | Enabled | Code Issues | ||
| 8 | JavaScript | eslint | Enabled | Code Issues |
| gamma_js | Enabled | Code Issues | ||
| jshint | Disabled | Code Issues | ||
| 9 | TypeScript | tslint | Enabled | Code Issues |
| 10 | GO | gometalinter | Enabled | Code Issues |
| gosec | Enabled | Code Issues | ||
| staticcheck | Enabled | Code Issues | ||
| 11 | Kotlin | detekt | Enabled | Code Issues |
| 12 | Solidity | solium | Enabled | Code Issues |
| 13 | SQL | sqlcheck | Enabled | Code Issues |
| 14 | Swift | swiftlint | Enabled | Code Issues |
| 15 | Ruby | brakeman | Enabled | Code Issues |
| 16 | HTML | htmlhint | Enabled | Code Issues |
| 17 | CSS | stylelint | Enabled | Code Issues |
| 18 | ALL | sonar | Disabled | Code Issues |
| gamma_generic | Disabled | Code Issues | ||
| relevance | Enabled | Relevance |
4. Rules
To disable any specific rule, use below syntax. Add the list of rules inside a module it belongs to. List of all rules for a specific language can be found here.
modules:
- name: gamma_java
enabled: true
rules:
- key: 'EMB-JAVA-10'
enabled: false
- Module name in which the rule belongs can be found under Module Name and “key” under Issue Key on the Rules page. Page also shows if the rules is enabled or disabled by default.
4. Custom Configurations
Python: Pylint specific configurations:
- To enable Pylint specific configurations, add
pylintrcor.pylintrc fileinbaseDir at root level of your repository. - If your Pylint configuration file(pylintrc or .pylintrc) is present in some other directory, you can mention custom file path in embold.yaml.
Eg.
modules:
- name: pylint
enabled: true
config:
- name: config
type: text
required: true
value: Abc/inference/pylintrc
- config file path is given in embold.yaml file (absolute / relative to baseDir)
- If configuration file is not present in baseDir OR if the custom file path is not mentioned in embold.yaml (pylintrc or .pylintrc, all default rules supported by pylint are enabled