Module context 

Code context analysis (comments, assignments, test files). Structural context analysis: understand WHERE in code a potential secret appears.

Instead of treating code as flat text, we infer the structural context of each match (assignment, comment, test code, encrypted block, documentation) and adjust confidence accordingly. Not an AST parser - just fast, language-agnostic structural inference.

Structs

ContextRegions

Per-line region membership precomputed once per chunk.

Enums

CodeContext

The structural context of a code location.

Functions

documentation_line_flags

Mark lines that appear to be documentation or docstrings.

infer_context

Infer the structural context of a match at a given line.

infer_context_with_documentation

Infer context when documentation-line flags have already been computed.

infer_context_with_regions

Like infer_context_with_documentation, but reads encrypted-block and test-function membership from a ContextRegions table precomputed once per chunk instead of re-walking up to 100 lines backward per match.

is_false_positive_context

Check whether a line-level match sits in known false-positive context.

is_false_positive_context_with_path

Same as is_false_positive_context. Retained for source compatibility with callers that historically pre-lowered the path; the body no longer requires a lowered string thanks to byte-wise case-insensitive checks.

is_false_positive_match_context

Returns true if the match is in a context that indicates a false positive.

is_known_example_credential

Detect example/placeholder credentials using ONLY algorithmic heuristics. No hardcoded credential lists - every suppression is based on a structural property that generalizes to all credentials of that shape.

is_sequential_placeholder