yardexx/dart_shieldLight logodart_shield
PR #23

Configuration

Configure dart_shield via analysis_options.yaml

Configuration

dart_shield is configured through your project's analysis_options.yaml file.

When you run dart_shield init, a default configuration is automatically added.

Enabling the Plugin

To enable the security rules, dart_shield must be registered as a plugin:

plugins:
  - dart_shield

Shield Configuration

The configuration for dart_shield lives under the dart_shield key.

dart_shield:
  analyzers:
    code: true
    deps: true

Options

KeyTypeDescriptionDefault
analyzersMapConfiguration for individual analyzers.
analyzers.codebooleanEnable or disable static code analysis (secret detection, etc.).true
analyzers.depsbooleanEnable or disable dependency analysis (known vulnerabilities). Note: Currently a placeholder for future functionality.true

Ignoring Rules

Since dart_shield integrates with the Dart analyzer, you can often ignore specific rules using standard Dart ignore comments.

Ignore a specific line

// ignore: avoid_hardcoded_secrets
const apiKey = "12345-secret";

Ignore for the whole file

// ignore_for_file: avoid_hardcoded_secrets

const apiKey = "12345-secret";
const anotherSecret = "abcde-secret";
Edit this page on GitHub