Skip to content

feat: Add --exclude flag to factor validate #10

Open
Open
feat: Add --exclude flag to factor validate#10
@cutzpatr

Description

@cutzpatr
cutzpatr
opened on Feb 2, 2026

Summary

Add ability to exclude directories from factor validate scans to reduce false positives.

Problem

When running factor validate on real-world codebases, certain directories produce false positives:

  • legacy/ - archived code kept for reference
  • actions-runner/ - CI runner with test credentials
  • third_party/ - vendored dependencies
  • examples/ - sample code with hardcoded values for demonstration

Proposed Solution

Add --exclude / -e flag that can be specified multiple times:

factor validate -p /path/to/app -e legacy -e actions-runner

Alternative

Expand the built-in skip_dirs list in is_hidden_or_vendor() to include common false-positive directories.

Workaround

Currently using factor validate -f json | jq to filter results externally.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions