diff --git a/detect_secrets/core/scan.py b/detect_secrets/core/scan.py index f84d53c3..9329174d 100644 --- a/detect_secrets/core/scan.py +++ b/detect_secrets/core/scan.py @@ -1,4 +1,4 @@ -import os +import os.path import subprocess from typing import Any from typing import cast @@ -20,7 +20,6 @@ from ..util.code_snippet import CodeSnippet from ..util.code_snippet import get_code_snippet from ..util.inject import call_function_with_arguments -from ..util.path import get_relative_path from .log import log from .plugins import Plugin from .potential_secret import PotentialSecret @@ -54,8 +53,8 @@ def get_files_to_scan( :param root: if not specified, will assume current repository as root. """ - if root: - root = os.path.realpath(root) + root = os.path.realpath(root) + paths = tuple(map(os.path.realpath, paths)) # First, we determine the appropriate filtering mode to be used. # If this is True, then it will consider everything to be valid. @@ -69,7 +68,14 @@ def get_files_to_scan( if not should_scan_all_files: try: - valid_paths = git.get_tracked_files(git.get_root_directory(root)) + git_root = git.get_root_directory(root) + relative_root = os.path.relpath(root, git_root) + '/' if root != git_root else '' + tracked_paths = git.get_tracked_files(git_root) + valid_paths = set( + os.path.relpath(os.path.join(git_root, path), root) + for path in tracked_paths + if path.startswith(relative_root) + ) except subprocess.CalledProcessError: log.warning('Did not detect git repository. Try scanning all files instead.') valid_paths = False @@ -84,17 +90,14 @@ def get_files_to_scan( for path in paths: iterator = ( - cast(List[Tuple], [(root or os.getcwd(), None, [path])]) + cast(List[Tuple], [(root, None, [path])]) if os.path.isfile(path) else os.walk(path) ) for path_root, _, filenames in iterator: for filename in filenames: - relative_path = get_relative_path( - root=root or os.getcwd(), - path=os.path.join(path_root, filename), - ) + relative_path = os.path.relpath(os.path.join(path_root, filename), root) if not relative_path: # e.g. symbolic links may be pointing outside the root directory continue diff --git a/detect_secrets/util/git.py b/detect_secrets/util/git.py index ff491153..3b941bec 100644 --- a/detect_secrets/util/git.py +++ b/detect_secrets/util/git.py @@ -1,9 +1,8 @@ -import os +import os.path import subprocess from typing import Set from ..core.log import log -from .path import get_relative_path def get_root_directory(path: str = '') -> str: @@ -36,7 +35,7 @@ def get_tracked_files(root: str) -> Set[str]: ) for filename in files.decode('utf-8').splitlines(): - path = get_relative_path(root, os.path.join(root, filename)) + path = os.path.relpath(os.path.join(root, filename), root) if path: output.add(path) diff --git a/detect_secrets/util/path.py b/detect_secrets/util/path.py deleted file mode 100644 index 36eb15c6..00000000 --- a/detect_secrets/util/path.py +++ /dev/null @@ -1,18 +0,0 @@ -import os -from pathlib import Path -from typing import Optional - - -def get_relative_path(root: str, path: str) -> Optional[str]: - if Path(os.getcwd()) == Path(root): - return get_relative_path_if_in_cwd(path) - - return os.path.realpath(path)[len(root + '/'):] - - -def get_relative_path_if_in_cwd(path: str) -> Optional[str]: - filepath = os.path.realpath(path)[len(os.getcwd() + '/'):] - if os.path.isfile(filepath): - return filepath - - return None diff --git a/tests/core/baseline_test.py b/tests/core/baseline_test.py index c8e24a8f..63c9d489 100644 --- a/tests/core/baseline_test.py +++ b/tests/core/baseline_test.py @@ -1,4 +1,5 @@ import json +import os.path import subprocess import tempfile from pathlib import Path @@ -8,7 +9,6 @@ from detect_secrets.core import baseline from detect_secrets.settings import get_settings -from detect_secrets.util.path import get_relative_path_if_in_cwd from testing.mocks import mock_named_temporary_file @@ -79,7 +79,7 @@ def test_scan_all_files(): assert f.name not in secrets.data secrets = baseline.create('test_data/files/tmp', should_scan_all_files=True) - assert get_relative_path_if_in_cwd(f.name) in secrets.data + assert os.path.relpath(f.name, '') in secrets.data def test_load_and_output(): diff --git a/tests/core/scan_test.py b/tests/core/scan_test.py index 566e2e46..91a94420 100644 --- a/tests/core/scan_test.py +++ b/tests/core/scan_test.py @@ -1,4 +1,4 @@ -import os +import os.path import textwrap from pathlib import Path @@ -7,7 +7,6 @@ from detect_secrets.core import scan from detect_secrets.settings import transient_settings from detect_secrets.util import git -from detect_secrets.util.path import get_relative_path_if_in_cwd from testing.mocks import mock_named_temporary_file @@ -16,10 +15,19 @@ class TestGetFilesToScan: def test_should_scan_specific_non_tracked_file(non_tracked_file): assert list(scan.get_files_to_scan(non_tracked_file.name, should_scan_all_files=False)) + @staticmethod + def test_should_scan_tracked_files_when_in_subdirectory(non_tracked_file): + pwd = os.getcwd() + try: + os.chdir('test_data') + assert len(list(scan.get_files_to_scan('.', should_scan_all_files=False))) == 23 + finally: + os.chdir(pwd) + @staticmethod def test_should_scan_tracked_files_in_directory(non_tracked_file): assert ( - get_relative_path_if_in_cwd(non_tracked_file.name) not in set( + os.path.relpath(non_tracked_file.name, '') not in set( scan.get_files_to_scan( os.path.dirname(non_tracked_file.name), should_scan_all_files=False, @@ -30,7 +38,7 @@ def test_should_scan_tracked_files_in_directory(non_tracked_file): @staticmethod def test_should_scan_all_files_in_directory_if_flag_is_provided(non_tracked_file): assert ( - get_relative_path_if_in_cwd(non_tracked_file.name) in set( + os.path.relpath(non_tracked_file.name, '') in set( scan.get_files_to_scan( os.path.dirname(non_tracked_file.name), should_scan_all_files=True,