Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Fixes for audit#83

Merged
KevinHock merged 5 commits into
Yelp:masterfrom
operasoftware:fixes-for-audit
Oct 10, 2018
Merged

Fixes for audit#83
KevinHock merged 5 commits into
Yelp:masterfrom
operasoftware:fixes-for-audit

Conversation

@jmymay
Copy link
Copy Markdown
Contributor

@jmymay jmymay commented Oct 8, 2018

This PR fixes two issues I've noticed in the audit mode:

  1. keyword plugin failing with SecretNotFoundOnSpecifiedLineError if the secret is different in terms of lowercase vs uppercase. (before this change the keyword plugin is case-insensitive at

    detect-secrets/detect_secrets/plugins/keyword.py

    Line 58 in d912ced

    for identifier in self.secret_generator(string.lower()):
    but case-sensitive at

    detect-secrets/detect_secrets/plugins/keyword.py

    Line 70 in d912ced

    for line in BLACKLIST:
    — and the latter is used by the audit mode at

    detect-secrets/detect_secrets/core/audit.py

    Line 313 in cc6bddb

    for raw_secret in _raw_secret_generator(plugin, secret_line):
    )
  2. _get_secret_with_context failing for small files if they don't have \n at the end of the file.

Jerzy Kozera added 3 commits October 8, 2018 17:52
@KevinHock
Copy link
Copy Markdown
Collaborator

KevinHock commented Oct 8, 2018

This looks great to me! Thank you so much for making this, squeaky clean commits too. :)

domanchi
domanchi reviewed Oct 8, 2018
View reviewed changes
Comment thread detect_secrets/plugins/keyword.py
return output

for identifier in self.secret_generator(string.lower()):
for identifier in self.secret_generator(string):
Copy link
Copy Markdown
Contributor

@domanchi domanchi Oct 8, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's probably more performant to make the string lowered once here, and passed into secret_generator, than to make it .lower() every time.

Comment thread detect_secrets/plugins/keyword.py Outdated
def secret_generator(self, string):
for line in BLACKLIST:
if line in string:
if line.lower() in string.lower():
Copy link
Copy Markdown
Contributor

@domanchi domanchi Oct 8, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why not just change PASS = in BLACKLIST to lowercase?

Simplify and improve performance of the keyword plugin
191bbb5 
As per @domanchi comments for the PR Yelp#83, doing `lower()` once
is enough, and should also be faster.
@jmymay
Copy link
Copy Markdown
Contributor Author

jmymay commented Oct 8, 2018

@domanchi Good points :) I will update the PR shortly.

@KevinHock KevinHock merged commit 680f00a into Yelp:master Oct 10, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@KevinHock KevinHock KevinHock approved these changes

+1 more reviewer

@domanchi domanchi domanchi approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jmymay @KevinHock @domanchi