def test_load_config(): config = core.load_config(config_path("example.yml"), FIXTURE_PATH) assert set(config["exclude"]["files"]) == set([ Path(fixture_path(".npmrc")), Path(fixture_path("hardcoded.json")), Path(fixture_path("hardcoded.yml")), Path(fixture_path("hardcoded.xml")), ]) assert config["exclude"]["keys"] == [ re.compile("SECRET_VALUE_KEY", flags=re.IGNORECASE) ] assert config["exclude"]["values"] == [ re.compile("SECRET_VALUE_PLACEHOLDER", flags=re.IGNORECASE) ]
def test_exclude_files(): args = parse_args([fixture_path()]) args.config = core.load_config(config_path("exclude_files.yml"), FIXTURE_PATH) secrets = core.run(args) with pytest.raises(StopIteration): next(secrets)
def test_detection_by_key(src, keys): args = parse_args([fixture_path(src)]) secrets = core.run(args) for key in keys: assert next(secrets).key == key with pytest.raises(StopIteration): next(secrets)
def test_exclude_by_keys_and_values(configfile, src): args = parse_args([fixture_path(src)]) args.config = core.load_config(config_path(configfile), FIXTURE_PATH) secrets = core.run(args) assert next(secrets).key == "hardcoded_password" with pytest.raises(StopIteration): next(secrets)
def test_include_files(): args = parse_args([fixture_path()]) args.config = core.load_config(config_path("include_files.yml"), FIXTURE_PATH) secrets = core.run(args) assert next(secrets).value == "hardcoded" with pytest.raises(StopIteration): next(secrets)
def test_detection_by_value(src, count): args = parse_args([fixture_path(src)]) args.config = core.load_config( CONFIG_PATH.joinpath("detection_by_value.yml")) secrets = core.run(args) for _ in range(count): value = next(secrets).value.lower() if value.isnumeric(): continue assert "hardcoded" in value with pytest.raises(StopIteration): next(secrets)
def test_detection_by_filename(): expected = map( fixture_path, [ ".aws/credentials", ".htpasswd", ".npmrc", ".pypirc", "connection.config", "integration.conf", "pip.conf", "settings.cfg", "settings.conf", "settings.env", "settings.ini", ], ) args = parse_args([fixture_path()]) args.config = core.load_config( CONFIG_PATH.joinpath("detection_by_filename.yml")) secrets = core.run(args) result = [secret.value for secret in secrets] for exp in expected: assert exp in result
import pytest from yaml.parser import ParserError from tests.unit.conftest import FIXTURE_PATH, config_path, does_not_raise, fixture_path from whispers import core from whispers.cli import parse_args @pytest.mark.parametrize( ("filename", "expectation"), [ (f"/tmp/File404-{urandom(30).hex()}", pytest.raises(FileNotFoundError)), ("/dev/null", pytest.raises(TypeError)), (fixture_path("hardcoded.yml"), does_not_raise()), (fixture_path("folder"), pytest.raises(StopIteration)), ], ) def test_run(filename, expectation): with expectation: args = parse_args([filename]) next(core.run(args)) @pytest.mark.parametrize( ("filename", "expectation"), [ (f"/tmp/File404-{urandom(30).hex()}", pytest.raises(FileNotFoundError)), ("/dev/null", pytest.raises(TypeError)),
def test_is_static(key, value, expectation): args = parse_args([fixture_path()]) args.config = core.load_config(CONFIG_PATH.joinpath("example.yml")) secrets = WhisperSecrets(args) assert secrets.is_static(key, value) == expectation
def test_init(filename, expected_plugin): filename = fixture_path(filename) plugin = WhisperPlugins(filename).plugin assert isinstance(plugin, expected_plugin)
assert args.output == expectation["output"] assert args.rules == expectation["rules"] assert args.src == expectation["src"] @pytest.mark.parametrize( ("arguments", "expectation"), [ ([], pytest.raises(SystemExit)), (["-v"], pytest.raises(SystemExit)), (["-i"], pytest.raises(SystemExit)), (["-c", "whispers.yml"], pytest.raises(SystemExit)), (["-r", "whis,pers"], pytest.raises(SystemExit)), (["-o", "/tmp/whispers"], pytest.raises(SystemExit)), (["/dev/null/bin"], pytest.raises(FileNotFoundError)), ([fixture_path("hardcoded.json")], does_not_raise()), ([fixture_path("hardcoded.json"), "-o", "/tmp/whispers" ], does_not_raise()), ([fixture_path("hardcoded.json"), "-c", config_path("example.yml")], does_not_raise()), ], ) def test_cli(arguments, expectation): with expectation: assert cli(arguments) is None def test_cli_info(): mock_print = StringIO() with patch("sys.stdout", mock_print): cli_info()
def test_find_line_number_all(src, linenumbers): args = parse_args([fixture_path(src)]) secrets = core.run(args) for number in linenumbers: assert next(secrets).line == number
import pytest from yaml.parser import ParserError from tests.unit.conftest import FIXTURE_PATH, config_path, does_not_raise, fixture_path from whispers import core from whispers.cli import parse_args @pytest.mark.parametrize( ("filename", "expectation"), [ (f"/tmp/File404-{urandom(30).hex()}", pytest.raises(FileNotFoundError)), ("/dev/null", pytest.raises(TypeError)), (fixture_path("hardcoded.yml"), does_not_raise()), ], ) def test_run(filename, expectation): with expectation: args = parse_args([filename]) next(core.run(args)) @pytest.mark.parametrize( ("filename", "expectation"), [ (f"/tmp/File404-{urandom(30).hex()}", pytest.raises(FileNotFoundError)), ("/dev/null", pytest.raises(TypeError)), (config_path("invalid.yml"), pytest.raises(ParserError)),