# sonarjs/no-hardcoded-secrets

📝 Secrets should not be hard-coded.

💼 This rule is enabled in the ✅ `recommended` config.

<!-- end auto-generated rule header -->

## Options

<!-- begin auto-generated rule options list -->

| Name                    | Type   | Default                                     |
| :---------------------- | :----- | :------------------------------------------ |
| `randomnessSensibility` | Number | `5`                                         |
| `secretWords`           | String | `api[_.-]?key,auth,credential,secret,token` |

<!-- end auto-generated rule options list -->