Home / argoproj / argo-cd
Repository Analysis

argoproj/argo-cd

Declarative Continuous Deployment for Kubernetes

0.4 Likely human-written View on GitHub
0.4
Adjusted Score
0.4
Raw Score
100%
Time Factor
2026-05-30
Last Push
23,008
Stars
Go
Language
768,911
Lines of Code
4581
Files
225
Pattern Hits
2026-05-31
Scan Date

Score History

Severity Breakdown

CRITICAL 4HIGH 1MEDIUM 32LOW 188

Pattern Findings

225 matches across 11 categories. Click a row to expand file-level details.

Over-Commented Block134 hits · 134 pts
SeverityFileLineSnippet
LOWcmd/argocd/commands/app.go2461 app, err := appClient.Get(ctx, &application.ApplicationQuery{
LOWtest/manifests/cmp/app/subdir/sidecar.yaml1# This yaml is used mainly to trigger the CMP plugin
LOWutil/webhook/webhook.go481// the given webURL. webURL is expected to be a URL from an SCM webhook payload pointing to the web
LOWutil/webhook/registry.go21// content digest. This structure is produced by registry-specific parsers
LOWutil/metrics/kubectl/kubectl_metrics.go21 LabelCallStatus = "call_status"
LOWutil/settings/resources_filter.go41
LOWutil/settings/settings.go81 // Certificate holds the certificate/private key for the Argo CD API server.
LOWutil/settings/settings.go121 BinaryUrls map[string]string `json:"binaryUrls,omitempty"`
LOWutil/askpass/server.go21 AskPassServiceServer
LOWutil/io/path/resolved.go81
LOWutil/io/path/resolved.go101// specified by allowedURLSchemes.
LOWutil/io/files/util.go21//
LOWutil/db/certificate.go41// CertificateListSelector is a helper struct for certificate selection.
LOWutil/helm/testdata/redis/values.yaml1## Bitnami Redis image version
LOWutil/helm/testdata/redis/values.yaml41 ## Optionally specify an array of imagePullSecrets.
LOWutil/helm/testdata/redis/values.yaml61 ## client label will have network access to the port Redis is listening
LOWutil/helm/testdata/redis/values.yaml81 # - apiGroups:
LOWutil/helm/testdata/redis/values.yaml101persistence: {}
LOWutil/helm/testdata/redis/values.yaml121 ## Redis additional command line flags
LOWutil/helm/testdata/redis/values.yaml141 ## Redis Master resource requests and limits
LOWutil/helm/testdata/redis/values.yaml201 enabled: true
LOWutil/helm/testdata/redis/values.yaml221
LOWutil/helm/testdata/redis/values.yaml241 ## Specify the nodePort value for the LoadBalancer and NodePort service types.
LOWutil/helm/testdata/redis/values.yaml261
LOWutil/helm/testdata/redis/values.yaml281
LOWutil/helm/testdata/redis/values.yaml301
LOWutil/helm/testdata/redis/values-production.yaml41 # pullSecrets:
LOWutil/helm/testdata/redis/values-production.yaml61## Redis password (both master and slave)
LOWutil/helm/testdata/redis/values-production.yaml81 ## - "redis-server"
LOWutil/helm/testdata/redis/values-production.yaml161 path: /bitnami/redis/data
LOWutil/helm/testdata/redis/values-production.yaml181 updateStrategy: OnDelete
LOWutil/helm/testdata/redis/values-production.yaml201 ## Provide any additional annotations which may be required. This can be used to
LOWutil/helm/testdata/redis/values-production.yaml221 ## Redis slave Liveness Probe
LOWutil/helm/testdata/redis/values-production.yaml241 # requests:
LOWutil/helm/testdata/dependency/values.yaml1## Bitnami WordPress image version
LOWutil/helm/testdata/dependency/values.yaml21## ref: https://github.com/bitnami/bitnami-docker-wordpress#environment-variables
LOWutil/helm/testdata/dependency/values.yaml41## Last name
LOWutil/helm/testdata/dependency/values.yaml61## ref: https://github.com/bitnami/bitnami-docker-wordpress/#smtp-configuration
LOWutil/helm/testdata/dependency/values.yaml101 ##
LOWutil/helm/testdata/dependency/values.yaml121 ## mariadb data Persistent Volume Storage Class
LOWutil/helm/testdata/dependency/values.yaml181 ## A side effect of this will be that the backend wordpress service will be connected at port 443
LOWutil/helm/testdata/dependency/values.yaml201 ## key and certificate should start with -----BEGIN CERTIFICATE----- or
LOWutil/helm/testdata/dependency/values.yaml221 ## If undefined (the default) or set to null, no storageClassName spec is
LOWutil/helm/testdata/dependency/values.yaml241## Node labels for pod assignment
LOWutil/helm/testdata/minio/values.yaml41
LOWutil/git/client.go61 "gc.autoDetach": "false",
LOWutil/git/client.go141 // Deprecated: To be removed in the next major version when Signature verification is replaced with Source Integrity.
LOWapplicationset/utils/template_functions.go41// This has been copied from helm and may be removed as soon as it is retrofited in sprig
LOWapplicationset/utils/selector.go141 return field.Invalid(path, k, strings.Join(errs, "; "))
LOWapplicationset/utils/utils.go501
LOWapplicationset/utils/createOrUpdate.go61 Build()
LOW…xamples/design-doc/git-files-literal-fasttemplate.yaml1# This example demonstrates a git file generator which produces its items based on one or
LOW…xamples/design-doc/git-files-literal-fasttemplate.yaml21# "account": "123456",
LOW…s/design-doc/git-directory-discovery-fasttemplate.yaml1# This example demonstrates the git directory generator, which produces an items list
LOW…mples/design-doc/git-files-discovery-fasttemplate.yaml1# This example demonstrates a git file generator which traverses the directory structure of a git
LOW…mples/design-doc/git-files-discovery-fasttemplate.yaml21# └── config.json
LOW…cationset/examples/design-doc/git-files-discovery.yaml1# This example demonstrates a git file generator which traverses the directory structure of a git
LOW…cationset/examples/design-doc/git-files-discovery.yaml21# └── config.json
LOW…onset/examples/design-doc/git-directory-discovery.yaml1# This example demonstrates the git directory generator, which produces an items list
LOW…licationset/examples/design-doc/git-files-literal.yaml1# This example demonstrates a git file generator which produces its items based on one or
74 more matches not shown…
Self-Referential Comments20 hits · 70 pts
SeverityFileLineSnippet
MEDIUMcmd/argocd/commands/applicationset.go38 # Create an ApplicationSet from a YAML stored in a file or at given URL
MEDIUMcmd/argocd/commands/app.go128 Example: ` # Create a directory app
MEDIUMcmd/argocd/commands/app.go131 # Create a Jsonnet app
MEDIUMcmd/argocd/commands/app.go134 # Create a Helm app
MEDIUMcmd/argocd/commands/app.go137 # Create a Helm app from a Helm repo
MEDIUMcmd/argocd/commands/app.go140 # Create a Kustomize app
MEDIUMcmd/argocd/commands/app.go143 # Create a MultiSource app while yaml file contains an application with multiple sources
MEDIUMcmd/argocd/commands/app.go146 # Create a app using a custom tool:
MEDIUMcmd/argocd/commands/project.go51 # Create a new project with name PROJECT
MEDIUMcmd/argocd/commands/project.go115 # Create a new project with name PROJECT
MEDIUMcmd/argocd/commands/project.go118 # Create a new project with name PROJECT from a file or URL to a Kubernetes manifest
MEDIUMcmd/argocd/commands/project_role.go227 # Create a project role in the "my-project" project with the name "my-role".
MEDIUMcmd/argocd/commands/project_role.go453# Create a role associated with test-project
MEDIUMutil/helm/testdata/dependency/values.yaml99 ## Create a database and a database user
MEDIUMutil/helm/testdata/minio/values.yaml108## Create a bucket after minio install
MEDIUMhack/generate-proto.sh113# This file is generated but should not be checked in.
MEDIUMhack/admonitions-to-alerts.sh26 # Create a temporary file to store the converted content.
MEDIUMhack/tool-versions.sh3# This file defines the versions of the tools that are installed in the CI
MEDIUMhack/migrate-gitops-engine/replace-vendor.sh20 # Create a backup and replace
MEDIUMdocs/operator-manual/argocd-cm.yaml285 # The following methods are available:
Hallucination Indicators4 hits · 40 pts
SeverityFileLineSnippet
CRITICAL…ettings/components/project-details/project-details.tsx800 formApi.values.spec.orphanedResources.ignore.map((_: Project, i: number) => (
CRITICALcmd/argocd/commands/app.go2330 app.Status.SourceHydrator.CurrentOperation.SourceHydrator.DeepEquals(app.Status.SourceHydrator.LastSuccessfulOperation
CRITICALdocs/operator-manual/user-management/zitadel.md122 ctx.v1.user.grants.grants.forEach((claim) => {
CRITICALcontroller/appcontroller.go1468 retryAt, err := app.Status.OperationState.Operation.Retry.NextRetryAt(state.FinishedAt.Time, state.RetryCount)
Hyper-Verbose Identifiers34 hits · 34 pts
SeverityFileLineSnippet
LOWui/src/app/settings/components/utils.ts1export function convertExpiresInToSeconds(expiresIn: string): number {
LOW…gs/components/project-details/resource-lists-panel.tsx121function viewSourceNamespacesInfoList(type: field, proj: Project) {
LOW…gs/components/project-details/resource-lists-panel.tsx186function viewDestinationServiceAccountsInfoList(type: field, proj: Project) {
LOWui/src/app/shared/services/extensions-service.ts41function registerResourceExtension(component: ExtensionComponent, group: string, kind: string, tabTitle: string, opts?:
LOWui/src/app/shared/services/extensions-service.ts47function registerSystemLevelExtension(component: ExtensionComponent, title: string, path: string, icon: string) {
LOWui/src/app/shared/services/extensions-service.ts59function registerStatusPanelExtension(component: StatusPanelExtensionComponent, title: string, id: string, flyout?: Exte
LOWui/src/app/shared/services/extensions-service.ts65function registerTopBarActionMenuExt(
LOWui/src/app/applications/components/utils.tsx42export function resourceStatusToResourceNode(res: appModels.ResourceStatus): appModels.ResourceNode {
LOWui/src/app/applications/components/utils.tsx632export async function getResourceActionsMenuItems(resource: ResourceTreeNode, metadata: models.ObjectMeta, apis: Context
LOWui/src/app/applications/components/utils.tsx933export function getSyncRevisionLabelSuffix(repoUrl: string, targetRevision: string, revision: string, chart?: string) {
LOWui/src/app/applications/components/utils.tsx1268function isPodInitializedConditionTrue(status: any): boolean {
LOWui/src/app/applications/components/utils.tsx1442export function getAppSetConditionCategory(condition: appModels.ApplicationSetCondition): 'error' | 'warning' | 'info' {
LOWui/src/app/applications/components/utils.tsx1466export function getApplicationSetOwnerRef(application: appModels.Application) {
LOWui/src/app/applications/components/utils.tsx1506export function getHydratorSyncSourceRepoURL(sourceHydrator: appModels.SourceHydrator): string {
LOWui/src/app/applications/components/utils.tsx1542export function getAppDefaultSyncRevision(app?: appModels.Application) {
LOWui/src/app/applications/components/utils.tsx1551export function getAppDefaultOperationSyncRevision(app?: appModels.Application) {
LOWui/src/app/applications/components/utils.tsx1570export function getAppDefaultSyncRevisionExtra(app?: appModels.Application) {
LOWui/src/app/applications/components/utils.tsx1584export function getAppDefaultOperationSyncRevisionExtra(app?: appModels.Application) {
LOWui/src/app/applications/components/utils.tsx1936export function formatApplicationSetProgressiveSyncStep(step: string | undefined): string {
LOWui/src/app/applications/components/utils.tsx2061export function getApplicationLinkURLFromNode(node: any, baseHref: string): {url: string; isExternal: boolean} {
LOW…ents/application-parameters/application-parameters.tsx306 function getEditablePanelForSources(index: number, appSource: models.ApplicationSource): React.ReactElement {
LOW…ents/application-parameters/application-parameters.tsx444 function getEditablePanelForOneSource(repoAppDetails: models.RepoAppDetails, ind: number, src: models.ApplicationSou
LOW…/app/applications/components/shared/app-source-edit.ts16export function normalizeTypeFieldsForSource(formApi: FormApi, type: models.AppSourceType, sourceIndex?: number): void {
LOW…tion-create-panel/collapsible-multi-source-section.tsx7export function CollapsibleMultiSourceSection(props: {
LOW…s/components/applications-list/applications-filter.tsx63function getOperationStateTitleForFilter(app: Application): OperationStateTitle {
LOW…components/applications-list/application-sets-list.tsx384 function onAppSetFilterPrefChanged(ctx: ContextApis, newPref: AppSetsListPreferences) {
LOWdocs/assets/versions.js32function initializeVersionDropdown() {
LOW…omizations/promoter.argoproj.io/PullRequest/health.lua4local function formatDeletingWithFinalizers(base, finalizers, catalog)
LOW…s/promoter.argoproj.io/ChangeTransferPolicy/health.lua4local function formatDeletingWithFinalizers(base, finalizers, catalog)
LOW…izations/promoter.argoproj.io/GitRepository/health.lua4local function formatDeletingWithFinalizers(base, finalizers, catalog)
LOW…omizations/promoter.argoproj.io/ScmProvider/health.lua4local function formatDeletingWithFinalizers(base, finalizers, catalog)
LOW…ons/promoter.argoproj.io/ClusterScmProvider/health.lua4local function formatDeletingWithFinalizers(base, finalizers, catalog)
LOWresource_customizations/argoproj.io/Rollout/health.lua71function isWorkloadGenerationObserved(obj)
LOW…zations/gateway.networking.k8s.io/HTTPRoute/health.lua14function isParentGenerationObserved(obj, parent)
AI Slop Vocabulary8 hits · 18 pts
SeverityFileLineSnippet
MEDIUMhack/installers/install-codegen-go-tools.sh44# We still install openapi-gen from go.mod since upstream does not utilize release tags. Use go install in order for
MEDIUMdocs/operator-manual/argocd-cmd-params-cm.yaml400 # Enable self-service notifications config. Used in conjunction with apps-in-any-namespace. (default "false")
MEDIUM…ublic.ecr.aws_docker_library_haproxy_3.0.8-alpine.html2315 a 'no_proxy' environment variable set. For the aforementioned reasons the
MEDIUMdocs/snyk/v3.3.10/ghcr.io_dexidp_dex_v2.43.0.html5771 a 'no_proxy' environment variable set. For the aforementioned reasons the
MEDIUM…ublic.ecr.aws_docker_library_haproxy_3.0.8-alpine.html2315 a 'no_proxy' environment variable set. For the aforementioned reasons the
MEDIUM…ublic.ecr.aws_docker_library_haproxy_3.0.8-alpine.html2315 a 'no_proxy' environment variable set. For the aforementioned reasons the
MEDIUM…ublic.ecr.aws_docker_library_haproxy_3.0.8-alpine.html2315 a 'no_proxy' environment variable set. For the aforementioned reasons the
MEDIUMdocs/snyk/v3.2.12/ghcr.io_dexidp_dex_v2.43.0.html5771 a 'no_proxy' environment variable set. For the aforementioned reasons the
Redundant / Tautological Comments7 hits · 12 pts
SeverityFileLineSnippet
LOWtest/remote/run-e2e-remote.sh18# Set ARGOCD_E2E_NAMESPACE to the namespace the Argo CD we're testing against is
LOWutil/helm/testdata/dependency/values.yaml180 ## Set this to true in order to enable TLS on the ingress record
LOWhack/admonitions-to-alerts.sh29 # Read the file line by line.
LOWhack/admonitions-to-alerts.sh32 # Check if the line starts with an admonition (!!!).
LOWhack/migrate-gitops-engine/update-dockerfile.sh8# Check if Dockerfile exists
LOW.github/workflows/release.yaml72 # Check if latest tag is a pre-release
LOW.github/workflows/cherry-pick-single.yml71 # Check if target branch exists
Decorative Section Separators3 hits · 9 pts
SeverityFileLineSnippet
MEDIUMtest/remote/run-e2e-remote.sh40## ====================================================
MEDIUMtest/remote/run-e2e-remote.sh42## ====================================================
MEDIUMhack/generate-ui-pnpm-sbom.sh9# =============================================================================
Fake / Example Data9 hits · 9 pts
SeverityFileLineSnippet
LOWutil/webhook/testdata/gitlab-event.json41 "email": "user@example.com"
LOWutil/test/testutil.go278 "name": "John Doe",
LOWutil/git/client_test.go1354 Name: "John Doe",
LOWapplicationset/webhook/testdata/gitlab-event.json41 "email": "user@example.com"
LOW…/webhook/testdata/gitlab-merge-request-open-event.json9 "email": "admin@example.com"
LOW…hook/testdata/gitlab-merge-request-approval-event.json9 "email": "admin@example.com"
LOW.github/workflows/ci-build.yaml203 git config --global user.name "John Doe"
LOW.github/workflows/ci-build.yaml276 git config --global user.name "John Doe"
LOW.github/workflows/ci-build.yaml573 git config --global user.name "John Doe"
Synthetic Comment Markers1 hit · 5 pts
SeverityFileLineSnippet
HIGHdocs/developer-guide/development-cycle.md66> There are a few non-obvious assets that are auto-generated. You should not change the autogenerated assets, as they wi
Verbosity Indicators3 hits · 4 pts
SeverityFileLineSnippet
LOWutil/git/client.go1638 // Step 1: Is it UNTRACKED? (file is new to git)
LOWapplicationset/services/scm_provider/gitlab_test.go1828 // We need to check if the request is for listing branches (returns array) or getting one (returns object)
LOWgitops-engine/pkg/utils/kube/resource_ops.go249 // not want. We need to check if the namespace exists, before know if it is safe to run this
Slop Phrases2 hits · 4 pts
SeverityFileLineSnippet
LOWutil/session/sessionmanager.go243 // Don't forget to validate the alg is what you expect:
MEDIUMdocs/operator-manual/application.yaml11 # Alternatively, you can use background cascading deletion