def test_fails_on_bad_initialization(self):
with mock.patch.object(
HexHighEntropyString,
'__init__',
side_effect=TypeError,
), pytest.raises(
TypeError,
):
initialize.from_plugin_classname(
'HexHighEntropyString',
hex_limit=4,
)
def test_success(self):
plugin = initialize.from_plugin_classname(
'HexHighEntropyString',
hex_limit=4,
)
assert isinstance(plugin, HexHighEntropyString)
assert plugin.entropy_limit == 4
def _load_baseline_from_dict(cls, data):
"""Initializes a SecretsCollection object from dictionary.
:type data: dict
:param data: properly formatted dictionary to load SecretsCollection from.
:rtype: SecretsCollection
:raises: IOError
"""
result = SecretsCollection()
if not all(key in data for key in (
'exclude_regex',
'plugins_used',
'results',
'version',
)):
raise IOError
result.exclude_regex = data['exclude_regex']
plugins = []
for plugin in data['plugins_used']:
plugin_classname = plugin.pop('name')
plugins.append(initialize.from_plugin_classname(
plugin_classname,
**plugin
))
result.plugins = tuple(plugins)
for filename in data['results']:
result.data[filename] = {}
for item in data['results'][filename]:
secret = PotentialSecret(
item['type'],
filename,
item['line_number'],
'will be replaced',
)
secret.secret_hash = item['hashed_secret']
result.data[filename][secret] = secret
result.version = data['version']
return result
def _load_baseline_from_dict(cls, data):
"""Initializes a SecretsCollection object from dictionary.
:type data: dict
:param data: properly formatted dictionary to load SecretsCollection from.
:rtype: SecretsCollection
:raises: IOError
"""
result = SecretsCollection()
if not all(key in data for key in (
'exclude_regex',
'plugins_used',
'results',
'version',
)):
raise IOError
result.exclude_regex = data['exclude_regex']
plugins = []
for plugin in data['plugins_used']:
plugin_classname = plugin.pop('name')
plugins.append(
initialize.from_plugin_classname(plugin_classname, **plugin))
result.plugins = tuple(plugins)
for filename in data['results']:
result.data[filename] = {}
for item in data['results'][filename]:
secret = PotentialSecret(
item['type'],
filename,
item['line_number'],
secret='will be replaced',
is_secret=item.get('is_secret'),
)
secret.secret_hash = item['hashed_secret']
result.data[filename][secret] = secret
result.version = data['version']
return result
from detect_secrets.core.potential_secret import PotentialSecret
from detect_secrets.plugins.core.initialize import from_plugin_classname
from six import iteritems
from .base import Tool, Issue, AccessIssue, UnknownIssue
class DetectSecretsIssue(Issue):
tool = 'secrets'
pylint_type = 'W'
PLUGINS = [
from_plugin_classname(
_plugin.classname,
**dict([(
_arg[0][2:].replace('-', '_'),
_arg[1],
) for _arg in _plugin.related_args]))
for _plugin in PluginOptions.all_plugins
]
DESCRIPTION = 'Possible secret detected: {description}'
def plugin_code(plugin):
return plugin.__class__.__name__
class DetectSecretsTool(Tool):
"""
The secrets tool attempts to detect secrets (keys, passwords, etc) that are
def test_fails_if_not_base_plugin(self):
with pytest.raises(TypeError):
initialize.from_plugin_classname(
'log',
)