falseSecrets constant

False_secrets

Current app falseSecrets

When you try to publish a package, pub conducts a search for potential leaks of secret credentials, API keys, or cryptographic keys. If pub detects a potential leak in a file that would be published, then pub warns you and refuses to publish the package.

Leak detection isn’t perfect. To avoid false positives, you can tell pub not to search for leaks in certain files, by creating an allowlist using gitignore patterns under false_secrets in the pubspec.

For example, the following entry causes pub not to look for leaks in the file lib/src/hardcoded_api_key.dart and in all .pem files in the test/localhost_certificates/ directory:

false_secrets:
 - /lib/src/hardcoded_api_key.dart
 - /test/localhost_certificates/*.pem

Starting a gitignore pattern with slash (/) ensures that the pattern is considered relative to the package’s root directory.