Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

detect-secrets not scanning files in nested directories #876

Open
1 of 2 tasks
Darguelles opened this issue Aug 14, 2024 · 1 comment
Open
1 of 2 tasks

detect-secrets not scanning files in nested directories #876

Darguelles opened this issue Aug 14, 2024 · 1 comment

Comments

@Darguelles
Copy link

  • I'm submitting a ...

    • bug report
    • feature request

  • What is the current behavior?

I'm using detect-secrets 1.5.0, from a repo_directory initialised with git. Inside this repository there is a nested folder named inner, with its own baseline file and some test files with secrets to be detected, all files tracked by git.

When I run detect-secrets scan inner/ it successfully updates the baseline in the root directory. If I specify the baseline inside inner directory, it is updated too.

When I cd into inner directory and run detect-secrets scan, then no secrets on the files are not detected and the baseline only updates the generated_at field.

  • If the current behavior is a bug, please provide the steps to reproduce and if possible a minimal demo of the problem
  1. Create an empty directory (temporary_dir)
  2. Initialize git
  3. Create 2 files containing secrets (eg. secrets.properties with password=hunter123)
  4. Add a baseline file (default one)
  5. Create a nested directory (eg inner)
  6. Copy the created files into nested directory
  7. Run git add . to track the files with git.
  8. Run detect-secrets scan inner/ , it will show a baseline output with the results containing secrets detection.
  9. cd into nested directory. Run detect-secrets scan. The secrets baseline is not updated and result is empty.

  • What is the expected behavior?
    detect-secrets scan should detect secrets on the directory it's being executed.

  • What is the motivation / use case for changing the behavior?

It's a use case for scanning on specific folders without need to specify the path at root level.

  • Please tell us about your environment:
    • detect-secrets Version: 1.5.0
    • Python Version: 3.11
    • OS Version: macOS Sonoma 14.6
    • File type (if applicable): .properties, ,yaml
@Darguelles Darguelles changed the title detect-secrets not scanning files nested directories detect-secrets not scanning files in nested directories Aug 14, 2024
@lorenzodb1
Copy link
Member

Hi @Darguelles, thank you for opening this issue 😄 There's a PR related to this issue (#774) which is in a semi-abandoned state. I'd encourage you to pick it up and open a PR yourself so we can merge it to master

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Darguelles @lorenzodb1