def get_secret(self, filename, secret, type_=None): """Checks to see whether a secret is found in the collection. :type filename: str :param filename: the file to search in. :type secret: str :param secret: secret hash of secret to search for. :type type_: str :param type_: type of secret, if known. :rtype: PotentialSecret|None """ if filename not in self.data: return None if type_: # Optimized lookup, because we know the type of secret # (and therefore, its hash) tmp_secret = PotentialSecret(type_, filename, secret='will be overriden') tmp_secret.secret_hash = secret if tmp_secret in self.data[filename]: return self.data[filename][tmp_secret] return None # NOTE: We can only optimize this, if we knew the type of secret. # Otherwise, we need to iterate through the set and find out. for obj in self.data[filename]: if obj.secret_hash == secret: return obj return None
def _load_baseline_from_dict(cls, data): """Initializes a SecretsCollection object from dictionary. :type data: dict :param data: properly formatted dictionary to load SecretsCollection from. :rtype: SecretsCollection :raises: IOError """ result = SecretsCollection() if 'results' not in data or 'exclude_regex' not in data: raise IOError for filename in data['results']: result.data[filename] = {} for item in data['results'][filename]: secret = PotentialSecret( item['type'], filename, item['line_number'], 'will be replaced', ) secret.secret_hash = item['hashed_secret'] result.data[filename][secret] = secret result.exclude_regex = data['exclude_regex'] return result
def get_secret(self, filename, secret, type_=None): """Checks to see whether a secret is found in the collection. :type filename: str :param filename: the file to search in. :type secret: str :param secret: secret hash of secret to search for. :type type_: str :param type_: type of secret, if known. :rtype: PotentialSecret|None """ if filename not in self.data: return None if type_: # Optimized lookup, because we know the type of secret # (and therefore, its hash) tmp_secret = PotentialSecret(type_, filename, 0, 'will be overriden') tmp_secret.secret_hash = secret if tmp_secret in self.data[filename]: return self.data[filename][tmp_secret] return None # NOTE: We can only optimize this, if we knew the type of secret. # Otherwise, we need to iterate through the set and find out. for obj in self.data[filename]: if obj.secret_hash == secret: return obj return None
def load_baseline_from_dict(cls, data): """Initializes a SecretsCollection object from dictionary. :type data: dict :param data: properly formatted dictionary to load SecretsCollection from. :rtype: SecretsCollection :raises: IOError """ result = SecretsCollection() if not all(key in data for key in ( 'plugins_used', 'results', )): raise IOError # In v0.12.0 `exclude_regex` got replaced by `exclude` if not any(key in data for key in ( 'exclude', 'exclude_regex', )): raise IOError if 'exclude_regex' in data: result.exclude_files = data['exclude_regex'] else: result.exclude_files = data['exclude']['files'] result.exclude_lines = data['exclude']['lines'] plugins = [] for plugin in data['plugins_used']: plugin_classname = plugin.pop('name') plugins.append( initialize.from_plugin_classname( plugin_classname, exclude_lines_regex=result.exclude_lines, should_verify_secrets=False, **plugin), ) result.plugins = tuple(plugins) for filename in data['results']: result.data[filename] = {} for item in data['results'][filename]: secret = PotentialSecret( item['type'], filename, secret='will be replaced', lineno=item['line_number'], is_secret=item.get('is_secret'), ) secret.secret_hash = item['hashed_secret'] result.data[filename][secret] = secret result.version = (data['version'] if 'version' in data else '0.0.0') return result
def _load_baseline_from_dict(cls, data): """Initializes a SecretsCollection object from dictionary. :type data: dict :param data: properly formatted dictionary to load SecretsCollection from. :rtype: SecretsCollection :raises: IOError """ result = SecretsCollection() if not all(key in data for key in ( 'exclude_regex', 'plugins_used', 'results', 'version', )): raise IOError result.exclude_regex = data['exclude_regex'] plugins = [] for plugin in data['plugins_used']: plugin_classname = plugin.pop('name') plugins.append(initialize.from_plugin_classname( plugin_classname, **plugin )) result.plugins = tuple(plugins) for filename in data['results']: result.data[filename] = {} for item in data['results'][filename]: secret = PotentialSecret( item['type'], filename, item['line_number'], 'will be replaced', ) secret.secret_hash = item['hashed_secret'] result.data[filename][secret] = secret result.version = data['version'] return result
def _load_baseline_from_dict(cls, data): """Initializes a SecretsCollection object from dictionary. :type data: dict :param data: properly formatted dictionary to load SecretsCollection from. :rtype: SecretsCollection :raises: IOError """ result = SecretsCollection() if not all(key in data for key in ( 'exclude_regex', 'plugins_used', 'results', 'version', )): raise IOError result.exclude_regex = data['exclude_regex'] plugins = [] for plugin in data['plugins_used']: plugin_classname = plugin.pop('name') plugins.append( initialize.from_plugin_classname(plugin_classname, **plugin)) result.plugins = tuple(plugins) for filename in data['results']: result.data[filename] = {} for item in data['results'][filename]: secret = PotentialSecret( item['type'], filename, item['line_number'], secret='will be replaced', is_secret=item.get('is_secret'), ) secret.secret_hash = item['hashed_secret'] result.data[filename][secret] = secret result.version = data['version'] return result
def load_baseline_from_dict(cls, data, plugin_filenames=None): """Initializes a SecretsCollection object from dictionary. :type data: dict :param data: properly formatted dictionary to load SecretsCollection from. :type plugin_filenames: tuple :param plugin_filenames: the plugin filenames. :rtype: SecretsCollection :raises: IOError """ result = SecretsCollection() if not all(key in data for key in ( 'plugins_used', 'results', )): raise IOError # In v0.12.0 `exclude_regex` got replaced by `exclude` if not any(key in data for key in ( 'exclude', 'exclude_regex', )): raise IOError if 'exclude_regex' in data: result.exclude_files = data['exclude_regex'] else: result.exclude_files = data['exclude']['files'] result.exclude_lines = data['exclude']['lines'] # In v0.12.7 the `--word-list` option got added automaton = None if 'word_list' in data: result.word_list_file = data['word_list']['file'] result.word_list_hash = data['word_list']['hash'] if result.word_list_file: # Always ignore the given `data['word_list']['hash']` # The difference will show whenever the word list changes automaton, result.word_list_hash = build_automaton( result.word_list_file) plugins = [] for plugin in data['plugins_used']: plugin_classname = plugin.pop('name') initialized_plugin_classname = initialize.from_plugin_classname( plugin_classname, exclude_lines_regex=result.exclude_lines, automaton=automaton, should_verify_secrets=True, plugin_filenames=plugin_filenames, **plugin, ) if initialized_plugin_classname is not None: plugins.append(initialized_plugin_classname) result.plugins = tuple(plugins) for filename in data['results']: result.data[filename] = {} for item in data['results'][filename]: secret = PotentialSecret( item['type'], filename, secret='will be replaced', lineno=item['line_number'], is_secret=item.get('is_secret'), output_raw=result.output_raw, is_verified=item['is_verified'], verified_result=item.get('verified_result'), ) secret.secret_hash = item['hashed_secret'] result.data[filename][secret] = secret result.version = (data['version'] if 'version' in data else '0.0.0') return result
def load_baseline_from_dict(cls, data): """Initializes a SecretsCollection object from dictionary. :type data: dict :param data: properly formatted dictionary to load SecretsCollection from. :rtype: SecretsCollection :raises: IOError """ result = SecretsCollection() if not all(key in data for key in ( 'plugins_used', 'results', )): raise IOError # In v0.12.0 `exclude_regex` got replaced by `exclude` if not any(key in data for key in ( 'exclude', 'exclude_regex', )): raise IOError if 'exclude_regex' in data: result.exclude_files = data['exclude_regex'] else: result.exclude_files = data['exclude']['files'] result.exclude_lines = data['exclude']['lines'] # In v0.12.7 the `--word-list` option got added automaton = None if 'word_list' in data: result.word_list_file = data['word_list']['file'] result.word_list_hash = data['word_list']['hash'] if result.word_list_file: # Always ignore the existing `data['word_list']['hash']` # The difference will show whenever the word list changes automaton, result.word_list_hash = build_automaton( result.word_list_file) # In v0.14.0 the `--custom-plugins` option got added result.custom_plugin_paths = tuple(data.get('custom_plugin_paths', ())) result.plugins = tuple( initialize.from_plugin_classname( plugin_classname=plugin.pop('name'), custom_plugin_paths=result.custom_plugin_paths, exclude_lines_regex=result.exclude_lines, automaton=automaton, should_verify_secrets=False, **plugin) for plugin in data['plugins_used']) for filename in data['results']: result.data[filename] = {} for item in data['results'][filename]: secret = PotentialSecret( item['type'], filename, secret='will be replaced', lineno=item['line_number'], is_secret=item.get('is_secret'), ) secret.secret_hash = item['hashed_secret'] result.data[filename][secret] = secret result.version = (data['version'] if 'version' in data else '0.0.0') return result