def test_no_modifications(base_state, scanned_results):
secrets = SecretsCollection.load_from_baseline({'results': base_state})
results = SecretsCollection.load_from_baseline(
{'results': scanned_results})
secrets.trim(results)
assert secrets.json() == base_state
def test_same_secret_new_location():
old_secret = potential_secret_factory()
new_secret = potential_secret_factory(line_number=2)
secrets = SecretsCollection.load_from_baseline(
{'results': {
'blah': [old_secret.json()]
}})
results = SecretsCollection.load_from_baseline(
{'results': {
'blah': [new_secret.json()]
}})
secrets.trim(results)
count = 0
for filename, secret in secrets:
assert secret.line_number == 2
count += 1
assert count == 1
def test_deleted_secret():
secrets = SecretsCollection()
secrets.scan_file('test_data/each_secret.py')
results = SecretsCollection.load_from_baseline(
{'results': secrets.json()})
results.data['test_data/each_secret.py'].pop()
original_size = len(secrets['test_data/each_secret.py'])
secrets.trim(results)
assert len(secrets['test_data/each_secret.py']) < original_size
def should_update_baseline(
secrets: SecretsCollection,
scanned_results: SecretsCollection,
filelist: List[str],
baseline_version: str,
) -> bool:
"""
:returns: True if changes occurred.
"""
original = SecretsCollection.load_from_baseline(
{'results': secrets.json()})
secrets.trim(scanned_results=scanned_results, filelist=filelist)
if baseline_version != VERSION:
return True
if not secrets.exactly_equals(original):
return True
return False