Content Checker Plugin #118
Conversation
|
Hi @TharunMohandoss, thank you for your pull request! I will review it this week. |
|
@TharunMohandoss sorry for the wait on the PR review, unfortunately I've been very busy lately. I will make some time this week to review your PR! |
|
Hi @TharunMohandoss, you will want to make sure that your commits are signed. See this check for instructions on how to fix the unsigned commit: https://github.com/IBM/detect-secrets/runs/11811883373. |
| ._add_output_verified_false_flag()\ | ||
| ._add_fail_on_unaudited_flag() | ||
| ._add_fail_on_non_audited_flag() |
There was a problem hiding this comment.
This line should be ._add_fail_on_unaudited_flag(): https://github.com/IBM/detect-secrets/blob/master/detect_secrets/core/usage.py#L88
| def _add_fail_on_non_audited_flag(self): | ||
| self.parser.add_argument( | ||
| '--fail-on-unaudited', | ||
| '--fail-on-non-audited', |
There was a problem hiding this comment.
Can this change please be undone? This renames the --fail-on-unaudited flag and will break detect-secrets for users who are using this flag in their builds and pre-commit config files.
There was a problem hiding this comment.
I think I understand what happened, you're probably working off an outdated version of master (see #118 (comment)).
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
| "content": 'String jwtSecret = "dasdasdasdasdasdasdasdasdasddaasdasdasdasdsdhashdsahdhsadhhasdhahdhashdhahdhah";', | ||
| "want": secretExpected, | ||
| }, | ||
| # { |
There was a problem hiding this comment.
It looks like some of the values in java_source_file_tests are commented out. Was this intentional?
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
|
|
|
||
| self.secret_type = 'Content Checker' | ||
|
|
||
| #print('initialization') |
There was a problem hiding this comment.
This line can probably be removed.
| # print('pattern : ',pattern.name) | ||
| # print("pattern : ",pattern.pattern) | ||
| # print('string : ',string.strip()) | ||
| if pattern.extensions and (file_extension not in pattern.extensions): | ||
| # print('skipping no in extensions list') | ||
| # print() | ||
| # print() | ||
| continue | ||
| elif file_extension in pattern.excluded_extensions: | ||
| # print('in excluded extensions list') | ||
| # print() | ||
| # print() | ||
| continue | ||
|
|
||
| match = pattern.regex.search(string) | ||
| # print('match : ',match) | ||
| # print() | ||
| # print() |
There was a problem hiding this comment.
These print statements can probably be removed as well.
| Adaptation from : https://github.ibm.com/cognitive-data-platform/cognitive-data-platform/blob/master/tools/cedp_ci/check/passwords.go | ||
|
|
||
| Searches for the following named patterns. | ||
| 2. SecretFoundInString |
There was a problem hiding this comment.
Why does this list start with 2?
| def __init__(self, subparser): | ||
| # Override the default audit parser usage message since the arguments within |
There was a problem hiding this comment.
Question: why was the report parser code removed? I wonder if you were working off an outdated version of master. I'd recommend merging upstream master into your branch to ensure that you're working with the latest code.
|
It looks like the tests are failing in the build: Can you please fix them after merging upstream master into your branch? |
No description provided.