def test_deleted_secret(self): new_findings = secrets_collection_factory([ { 'secret': 'secret', 'lineno': 2, }, ]) baseline = secrets_collection_factory([ { 'secret': 'deleted_secret', 'lineno': 1, }, { 'secret': 'secret', 'lineno': 2, }, ]) is_successful = update_baseline_with_removed_secrets( new_findings, baseline, ['filename'], ) assert is_successful assert len(baseline.data) == 1 assert next(iter(baseline.data['filename'])).lineno == 2
def test_no_baseline_modifications(self, results_dict, baseline_dict): new_findings = secrets_collection_factory([results_dict]) baseline = secrets_collection_factory([baseline_dict]) assert not update_baseline_with_removed_secrets( new_findings, baseline, ['filename'], )
def main(argv=None): args = parse_args(argv) if args.verbose: # pragma: no cover CustomLog.enableDebug(args.verbose) try: # If baseline is provided, we first want to make sure # it's valid, before doing any further computation. baseline_collection = get_baseline(args.baseline[0]) except (IOError, ValueError): # Error logs handled in load_baseline_from_file logic. return 1 results = find_secrets_in_files(args) if baseline_collection: original_results = results results = get_secrets_not_in_baseline( results, baseline_collection, ) if len(results.data) > 0: pretty_print_diagnostics(results) return 1 if not baseline_collection: return 0 # Only attempt baseline modifications if we don't find any new secrets successful_update = update_baseline_with_removed_secrets( original_results, baseline_collection, args.filenames, ) if successful_update: with open(args.baseline[0], 'w') as f: f.write( json.dumps( baseline_collection.format_for_baseline_output(), indent=2, ) ) # The pre-commit framework should automatically detect a file change # and print a relevant error message. return 1 return 0
def main(argv=None): args = parse_args(argv) if args.verbose: # pragma: no cover log.set_debug_level(args.verbose) try: # If baseline is provided, we first want to make sure # it's valid, before doing any further computation. baseline_collection = get_baseline(args.baseline[0]) except (IOError, ValueError): # Error logs handled within logic. return 1 results = find_secrets_in_files(args) if baseline_collection: original_results = results results = get_secrets_not_in_baseline( results, baseline_collection, ) if len(results.data) > 0: pretty_print_diagnostics(results) return 1 if not baseline_collection: return 0 # Only attempt baseline modifications if we don't find any new secrets successful_update = update_baseline_with_removed_secrets( original_results, baseline_collection, args.filenames, ) if successful_update: _write_to_baseline_file( args.baseline[0], baseline_collection.format_for_baseline_output(), ) # The pre-commit framework should automatically detect a file change # and print a relevant error message. return 1 return 0
def test_deleted_secret_file(self): new_findings = secrets_collection_factory() baseline = secrets_collection_factory([ { 'filename': 'filename', }, ]) is_successful = update_baseline_with_removed_secrets( new_findings, baseline, [ # This is in baseline, but not in results, so # it should be deleted from baseline. 'filename', ], ) assert is_successful assert len(baseline.data) == 0