Entropy Scanner detects high entropy strings in your code. This extension is implemented as a language server and client for Visual Studio Code.
High entropy strings may contain passwords, authentication tokens or private keys and should not be committed into version control. This extension provides real time insight into high entropy strings. You should still run pre-commit checks and scan code during continuous integration using another tool like tartufo.
Highlight high entropy strings using Visual Studio Code diagnostics
Provices quick actions for excluding specific signatures
Respects the exclude-signatures, exclude-path-patterns and exclude-entropy-patterns options from your tartufo.toml