def test_do_not_add_policy_breaks_to_last_found(client):
"""
GIVEN 2 policy breaks on different files with the same ignore sha
WHEN add_found_policy_break is called
THEN only one element should be added
"""
policy_break = PolicyBreak("a", "gitignore",
[Match("apikey", "apikey", 0, 0, 0, 0)])
cache = Cache()
cache.add_found_policy_break(policy_break, "a")
assert len(cache.last_found_secrets) == 0
def scan(
self,
client: GGClient,
cache: Cache,
matches_ignore: Iterable[str],
all_policies: bool,
verbose: bool,
) -> List[Result]:
cache.purge()
scannable_list = self.scannable_list
results = []
chunks = []
for i in range(0, len(scannable_list), MULTI_DOCUMENT_LIMIT):
chunks.append(scannable_list[i:i + MULTI_DOCUMENT_LIMIT])
with concurrent.futures.ThreadPoolExecutor(
max_workers=min(CPU_COUNT, 4),
thread_name_prefix="content_scan") as executor:
future_to_scan = {
executor.submit(client.multi_content_scan, chunk): chunk
for chunk in chunks
}
for future in concurrent.futures.as_completed(future_to_scan):
chunk = future_to_scan[future]
scan = future.result()
if not scan.success:
handle_scan_error(scan, chunk)
continue
for index, scanned in enumerate(scan.scan_results):
remove_ignored_from_result(scanned, all_policies,
matches_ignore)
if scanned.has_policy_breaks:
for policy_break in scanned.policy_breaks:
cache.add_found_policy_break(
policy_break, chunk[index]["filename"])
results.append(
Result(
content=chunk[index]["document"],
scan=scanned,
filemode=chunk[index]["filemode"],
filename=chunk[index]["filename"],
))
cache.save()
return results