def test_plugin_from_old_baseline_respected_with_update_flag( self, mock_baseline_initialize, plugins_used, plugins_overwriten, plugins_wrote, ): with mock_stdin(), mock.patch( 'detect_secrets.main._read_from_file', return_value={ 'plugins_used': plugins_used, 'results': {}, 'version': VERSION, 'exclude': { 'files': '', 'lines': '', }, }, ), mock.patch( # We don't want to be creating a file during test 'detect_secrets.main.write_baseline_to_file', ) as file_writer: assert wrap_detect_secrets_main( 'scan --update old_baseline_file {}'.format( plugins_overwriten, ), ) == 0 assert (file_writer.call_args[1]['data']['plugins_used'] == plugins_wrote)
def test_audit_display_results(self, filename, expected_output): with mock_stdin(), mock_printer(main_module, ) as printer_shim: wrap_detect_secrets_main('scan ' + filename) baseline = printer_shim.message baseline_dict = json.loads(baseline) baseline_dict['custom_plugin_paths'] = tuple( baseline_dict['custom_plugin_paths']) with mock.patch( 'detect_secrets.core.audit._get_baseline_from_file', return_value=baseline_dict, ), mock_printer(audit_module, ) as printer_shim: wrap_detect_secrets_main('audit --display-results MOCKED') assert json.loads(uncolor( printer_shim.message))['plugins'] == expected_output
def test_reads_from_stdin(self, mock_merge_baseline): with mock_stdin(json.dumps({'key': 'value'})): assert wrap_detect_secrets_main('scan') == 0 mock_merge_baseline.assert_called_once_with( {'key': 'value'}, Any(dict), )
def test_scan_string_cli_overrides_stdin(self): with mock_stdin('012345678ab', ), mock_printer( main_module, ) as printer_shim: assert wrap_detect_secrets_main('scan --string 012345') == 0 assert uncolor(printer_shim.message) == get_plugin_report({ 'Base64HighEntropyString': 'False (2.585)', 'HexHighEntropyString': 'False (2.121)', })
def test_audit_short_file(self, filename, expected_output): with mock_stdin(), mock_printer( # To extract the baseline output main_module, ) as printer_shim: wrap_detect_secrets_main('scan ' + filename) baseline = printer_shim.message baseline_dict = json.loads(baseline) baseline_dict['custom_plugin_paths'] = tuple( baseline_dict['custom_plugin_paths']) with mock_stdin(), mock.patch( # To pipe in printer_shim 'detect_secrets.core.audit._get_baseline_from_file', return_value=baseline_dict, ), mock.patch( # We don't want to clear the pytest testing screen 'detect_secrets.core.audit._clear_screen', ), mock.patch( # Gotta mock it, because tests aren't interactive 'detect_secrets.core.audit._get_user_decision', return_value='s', ), mock.patch( # We don't want to write an actual file 'detect_secrets.core.audit.write_baseline_to_file', ), mock_printer(audit_module, ) as printer_shim: wrap_detect_secrets_main('audit will_be_mocked') assert uncolor(printer_shim.message) == textwrap.dedent(""" Secret: 1 of 1 Filename: {} Secret Type: {} ---------- {} ---------- Saving progress... """)[1:].format( filename, baseline_dict['results'][filename][0]['type'], expected_output, )
def test_scan_with_rootdir(self, mock_baseline_initialize): with mock_stdin(): assert wrap_detect_secrets_main('scan test_data') == 0 mock_baseline_initialize.assert_called_once_with( plugins=Any(tuple), custom_plugin_paths=Any(tuple), exclude_files_regex=None, exclude_lines_regex=None, path=['test_data'], should_scan_all_files=False, word_list_file=None, word_list_hash=None, )
def test_scan_with_all_files_flag(self, mock_baseline_initialize): with mock_stdin(): assert wrap_detect_secrets_main('scan --all-files') == 0 mock_baseline_initialize.assert_called_once_with( plugins=Any(tuple), custom_plugin_paths=Any(tuple), exclude_files_regex=None, exclude_lines_regex=None, path='.', should_scan_all_files=True, word_list_file=None, word_list_hash=None, )
def test_scan_with_exclude_args(self, mock_baseline_initialize): with mock_stdin(): assert wrap_detect_secrets_main( 'scan --exclude-files some_pattern_here --exclude-lines other_patt', ) == 0 mock_baseline_initialize.assert_called_once_with( plugins=Any(tuple), custom_plugin_paths=Any(tuple), exclude_files_regex='some_pattern_here', exclude_lines_regex='other_patt', path='.', should_scan_all_files=False, word_list_file=None, word_list_hash=None, )
def test_reads_old_baseline_from_file(self, mock_merge_baseline): with mock_stdin(), mock.patch( 'detect_secrets.main._read_from_file', return_value={'key': 'value'}, ) as m_read, mock.patch( 'detect_secrets.main.write_baseline_to_file', ) as m_write: assert wrap_detect_secrets_main( 'scan --update old_baseline_file') == 0 assert m_read.call_args[0][0] == 'old_baseline_file' assert m_write.call_args[1]['filename'] == 'old_baseline_file' assert m_write.call_args[1]['data'] == Any(dict) mock_merge_baseline.assert_called_once_with( {'key': 'value'}, Any(dict), )
def test_scan_string_basic( self, mock_baseline_initialize, string, expected_base64_result, expected_hex_result, ): with mock_stdin(string, ), mock_printer(main_module, ) as printer_shim: assert wrap_detect_secrets_main('scan --string') == 0 assert uncolor(printer_shim.message) == get_plugin_report({ 'Base64HighEntropyString': expected_base64_result, 'HexHighEntropyString': expected_hex_result, }) mock_baseline_initialize.assert_not_called()
def test_old_baseline_ignored_with_update_flag( self, mock_baseline_initialize, exclude_files_arg, expected_regex, ): with mock_stdin(), mock.patch( 'detect_secrets.main._read_from_file', return_value={}, ), mock.patch( # We don't want to be creating a file during test 'detect_secrets.main.write_baseline_to_file', ) as file_writer: assert wrap_detect_secrets_main( 'scan --update old_baseline_file {}'.format( exclude_files_arg, ), ) == 0 assert (file_writer.call_args[1]['data']['exclude']['files'] == expected_regex)
def test_audit_same_file(self): with mock_printer(main_module) as printer_shim: assert wrap_detect_secrets_main( 'audit --diff .secrets.baseline .secrets.baseline') == 0 assert printer_shim.message.strip() == ( 'No difference, because it\'s the same file!')
def test_audit_diff_not_enough_files(self): assert wrap_detect_secrets_main('audit --diff fileA') == 1