示例#1
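def main(argv=None):
    """Command line entry point: dispatch to the ``scan`` or ``audit`` action.

    :type argv: list|None
    :param argv: arguments handed to ``parse_args`` as-is (``None`` included).

    :rtype: int
    :returns: 0 on success; 1 on a usage error, i.e. a baseline comparison
        without exactly two filenames, or a request to read the string to
        scan from stdin when stdin is empty.
    """
    # With no arguments at all, fall back to showing the help text.
    if len(sys.argv) == 1:  # pragma: no cover
        sys.argv.append('-h')

    args = parse_args(argv)
    if args.verbose:  # pragma: no cover
        log.set_debug_level(args.verbose)

    if args.action == 'scan':
        # Plugins are *always* rescanned with fresh settings, because
        # we want to get the latest updates.
        plugins = initialize.from_parser_builder(args.plugins)
        if args.string:
            line = args.string

            # A bare ``True`` means no value was supplied on the command
            # line, so the candidate string is read from stdin instead.
            # NOTE(review): a value typed on the command line can linger in
            # shell history and process listings; stdin avoids that for
            # real credentials.
            if isinstance(args.string, bool):
                stdin_lines = sys.stdin.read().splitlines()
                if not stdin_lines:
                    # Empty stdin used to surface as an IndexError traceback.
                    print(
                        'No input received on stdin!',
                        file=sys.stderr,
                    )
                    return 1

                # Only the first line of stdin is scanned.
                line = stdin_lines[0]

            _scan_string(line, plugins)

        else:
            baseline_dict = _perform_scan(
                args,
                plugins,
            )

            # The baseline goes to the requested file, or to stdout when no
            # file was given.
            if args.import_filename:
                write_baseline_to_file(
                    filename=args.import_filename[0],
                    data=baseline_dict,
                )
            else:
                print(baseline.format_baseline_for_output(baseline_dict))

    elif args.action == 'audit':
        if not args.diff:
            audit.audit_baseline(args.filename[0])
            return 0

        if len(args.filename) != 2:
            print(
                'Must specify two files to compare!',
                file=sys.stderr,
            )
            return 1

        try:
            audit.compare_baselines(args.filename[0], args.filename[1])
        except audit.RedundantComparisonError:
            # Comparing a file with itself is reported but still exits 0.
            print(
                'No difference, because it\'s the same file!',
                file=sys.stderr,
            )

    return 0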
示例#2
    def test_compare(self, mock_printer):
        """Check the per-secret headers printed when two baselines are diffed.

        Only the header of each entry (index, filename, secret type and
        ADDED/REMOVED status) is asserted; everything else that was printed
        is skipped.
        """
        with self.mock_env():
            audit.compare_baselines('baselineA', 'baselineB')

        # Lines starting with '-' act as separators that switch capturing
        # on and off; the captured runs are the headers we care about.
        blocks = []
        capturing = True
        pending = []
        for printed_line in mock_printer.message.splitlines():
            if printed_line[0] == '-':
                capturing = not capturing
            elif capturing:
                pending.append(printed_line + '\n')
            elif pending:
                blocks.append(''.join(pending))
                pending = []

        # Found at line 1 of its file, so it is reported first.
        assert uncolor(blocks[0]) == textwrap.dedent("""
            Secret:      1 of 4
            Filename:    test_data/each_secret.py
            Secret Type: Hex High Entropy String
            Status:      >> ADDED <<
        """)[1:]

        assert uncolor(blocks[1]) == textwrap.dedent("""
            Secret:      2 of 4
            Filename:    test_data/each_secret.py
            Secret Type: Base64 High Entropy String
            Status:      >> REMOVED <<
        """)[1:]

        # Results are ordered by filename first, so these files follow.
        assert uncolor(blocks[2]) == textwrap.dedent("""
            Secret:      3 of 4
            Filename:    test_data/short_files/first_line.php
            Secret Type: Hex High Entropy String
            Status:      >> REMOVED <<
        """)[1:]

        assert uncolor(blocks[3]) == textwrap.dedent("""
            Secret:      4 of 4
            Filename:    test_data/short_files/last_line.ini
            Secret Type: Hex High Entropy String
            Status:      >> ADDED <<
        """)[1:]
示例#3
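def main(argv=None):
    """Command line entry point: dispatch to the ``scan`` or ``audit`` action.

    :type argv: list|None
    :param argv: arguments to parse. When omitted, ``sys.argv[1:]`` is read
        at call time. The previous default was evaluated once at import
        time, so the ``--help`` fallback below never reached the parser.

    :rtype: int
    :returns: 0 on success; 1 on a usage error, i.e. a baseline comparison
        without exactly two filenames, or a request to read the string to
        scan from stdin when stdin is empty.
    """
    # With no arguments at all, fall back to showing the help text.
    if len(sys.argv) == 1:  # pragma: no cover
        sys.argv.append('--help')

    # Resolved after the fallback above so that it is actually honoured.
    if argv is None:
        argv = sys.argv[1:]

    args = parse_args(argv)
    if args.verbose:  # pragma: no cover
        log.set_debug_level(args.verbose)

    if args.action == 'scan':
        automaton = None
        word_list_hash = None
        if args.word_list_file:
            automaton, word_list_hash = build_automaton(args.word_list_file)

        # Plugins are *always* rescanned with fresh settings, because
        # we want to get the latest updates.
        plugins = initialize.from_parser_builder(
            plugins_dict=args.plugins,
            custom_plugin_paths=args.custom_plugin_paths,
            exclude_lines_regex=args.exclude_lines,
            automaton=automaton,
            should_verify_secrets=not args.no_verify,
        )
        if args.string:
            line = args.string

            # A bare ``True`` means no value was supplied on the command
            # line, so the candidate string is read from stdin instead.
            # NOTE(review): a value typed on the command line can linger in
            # shell history and process listings; stdin avoids that for
            # real credentials.
            if isinstance(args.string, bool):
                stdin_lines = sys.stdin.read().splitlines()
                if not stdin_lines:
                    # Empty stdin used to surface as an IndexError traceback.
                    print(
                        'No input received on stdin!',
                        file=sys.stderr,
                    )
                    return 1

                # Only the first line of stdin is scanned.
                line = stdin_lines[0]

            _scan_string(line, plugins)

        else:
            baseline_dict = _perform_scan(
                args,
                plugins,
                automaton,
                word_list_hash,
            )

            # The baseline goes to the requested file, or to stdout when no
            # file was given.
            if args.import_filename:
                write_baseline_to_file(
                    filename=args.import_filename[0],
                    data=baseline_dict,
                )
            else:
                print(baseline.format_baseline_for_output(baseline_dict))

    elif args.action == 'audit':
        if not args.diff and not args.display_results:
            audit.audit_baseline(args.filename[0])
            return 0

        # Checked before the two-file requirement: results are printed for
        # the first filename only.
        if args.display_results:
            audit.print_audit_results(args.filename[0])
            return 0

        if len(args.filename) != 2:
            print(
                'Must specify two files to compare!',
                file=sys.stderr,
            )
            return 1

        try:
            audit.compare_baselines(args.filename[0], args.filename[1])
        except audit.RedundantComparisonError:
            # Comparing a file with itself is reported but still exits 0.
            print(
                'No difference, because it\'s the same file!',
                file=sys.stderr,
            )

    return 0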
示例#4
 def test_raises_error_if_comparing_same_file(self):
     """Passing the same path twice must raise RedundantComparisonError."""
     same_path = 'foo/bar'
     with pytest.raises(audit.RedundantComparisonError):
         audit.compare_baselines(same_path, same_path)
示例#5
    def test_compare_quit(self, mock_printer):
        """Answering 'q' during a baseline comparison prints a quit message."""
        quit_input = ['q']
        with self.mock_env(user_input=quit_input):
            audit.compare_baselines('baselineA', 'baselineB')

        printed = mock_printer.message
        assert 'Quitting...' in printed