Comments (3)
This is annoying indeed 👍 I'll work on this
from detect-secrets.
So this is a little worse than I initially thought, since IIRC the pre-commit hook will remove the plugins as soon as it auto-updates the baseline.
The Why
So in `secrets_collection.py` we load the baseline in, but don't take plugins into account. We need to turn these into a proper tuple, the way `initialize_plugins` turns `args.plugins` into a proper tuple.
However, we cannot just call `initialize_plugins` as that expects e.g.
```python
assert args.plugins == {
    'HexHighEntropyString': {
        'hex_limit': [3],
    },
    'Base64HighEntropyString': {
        'base64_limit': [4.5],
    },
    'PrivateKeyDetector': {},
}
```
Not a list we have in `_load_baseline_from_dict`:
```python
[
    {
        'limit': 4.5,
        'name': 'Base64HighEntropyString'
    },
    {
        'limit': 3,
        'name': 'HexHighEntropyString'
    },
    {
        'name': 'PrivateKeyDetector'
    }
]
```
The Solution
So I tried to see if calling `_initialize_plugin` directly would help, but since it takes `*args` instead of `**kwargs`, I could have hard-coded passing in `limit` from the dict, but that's bad and hard-coded.
Then I wondered how `_initialize_plugin` is called in the first place, from `initialize_plugins`:
```python
args = []
if init_values:
    key = list(init_values.keys())[0]
    args.append(init_values[key][0])

output.append(_initialize_plugin(plugin_name, *args))
```
This is bad b/c we're depending on the order of a `.keys()` to pass in `*args`, I think we should only be using `**kwargs`.
After it is fixed to use `**kwargs`, I can call `_initialize_plugin` directly. (From a wrapper function in `plugins/__init__.py` of course, not from `secrets_collection.py`. Though we might want to make a different file in `plugins/`, as putting a lot of code in `__init__.py`'s is generally frowned upon.)
from detect-secrets.
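The keyword-based loading proposed in the comment above, as an added example that is not part of the thread or of detect-secrets' own code: the plugin classes, the `LIMIT_KWARG` mapping and the three functions are hypothetical stand-ins. It also writes the plugin list back out, since the concern raised is that rewriting the baseline drops the configured plugins.

```python
# Stand-in plugin classes (hypothetical, not detect-secrets' own code).
class HexHighEntropyString:
    def __init__(self, hex_limit=3):
        self.hex_limit = hex_limit

class Base64HighEntropyString:
    def __init__(self, base64_limit=4.5):
        self.base64_limit = base64_limit

class PrivateKeyDetector:
    pass

REGISTRY = {c.__name__: c for c in
            (HexHighEntropyString, Base64HighEntropyString, PrivateKeyDetector)}
# Assumed mapping from the baseline's generic 'limit' key to each keyword.
LIMIT_KWARG = {'HexHighEntropyString': 'hex_limit',
               'Base64HighEntropyString': 'base64_limit'}

def initialize_plugin(name, **kwargs):
    # Keyword-only settings: nothing depends on dict key order.
    if name not in REGISTRY:
        raise ValueError('unknown plugin in baseline: %r' % name)
    return REGISTRY[name](**kwargs)

def plugins_from_baseline(entries):
    """Turn the baseline's list of dicts into a tuple of plugin objects."""
    plugins = []
    for entry in entries:
        settings = {k: v for k, v in entry.items() if k != 'name'}
        kwarg = LIMIT_KWARG.get(entry['name'])
        if kwarg and 'limit' in settings:
            settings[kwarg] = settings.pop('limit')
        plugins.append(initialize_plugin(entry['name'], **settings))
    return tuple(plugins)

def plugins_to_baseline(plugins):
    """Serialize plugins back, so a rewritten baseline keeps them."""
    out = []
    for plugin in plugins:
        entry = {'name': type(plugin).__name__}
        if entry['name'] in LIMIT_KWARG:
            entry['limit'] = getattr(plugin, LIMIT_KWARG[entry['name']])
        out.append(entry)
    return out

# Constructed sample, same shape as the list quoted in the comment.
BASELINE_PLUGINS = [{'limit': 4.5, 'name': 'Base64HighEntropyString'},
                    {'limit': 3, 'name': 'HexHighEntropyString'},
                    {'name': 'PrivateKeyDetector'}]
```

A baseline entry naming a plugin that is not registered raises `ValueError` instead of being skipped, so a detector cannot silently drop out of the scan.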
Fixed 👍 🎈
from detect-secrets.