Skip to content

Commit

Permalink
💯 Coverage for high_entropy_strings.py
Browse files Browse the repository at this point in the history
- 🐍 Refactor hadouken code
- 🐍 Remove high_entropy_strings.py from the uncovered files list in tox
  • Loading branch information
KevinHock committed Sep 20, 2019
1 parent 7ce4b85 commit de7fbd2
Show file tree
Hide file tree
Showing 2 changed files with 26 additions and 28 deletions.
50 changes: 24 additions & 26 deletions detect_secrets/plugins/high_entropy_strings.py
Original file line number Diff line number Diff line change
Expand Up @@ -196,36 +196,34 @@ def _analyze_yaml_file(self, file, filename):
while len(to_search) > 0:
item = to_search.pop()

try:
if '__line__' in item and item['__line__'] not in ignored_lines:
# An isinstance check doesn't work in py2
# so we need the __is_binary__ field.
string_to_scan = (
self.decode_binary(item['__value__'])
if item['__is_binary__']
else item['__value__']
)

secrets = self.analyze_string(
string_to_scan,
item['__line__'],
filename,
)

if item['__is_binary__']:
secrets = self._encode_yaml_binary_secrets(secrets)

potential_secrets.update(secrets)

if '__line__' in item:
continue

if '__line__' not in item:
for key in item:
obj = item[key] if isinstance(item, dict) else key
if isinstance(obj, dict):
to_search.append(obj)
except TypeError:
pass
continue

if item['__line__'] in ignored_lines:
continue

# An isinstance check doesn't work in py2
# so we need the __is_binary__ field.
string_to_scan = (
self.decode_binary(item['__value__'])
if item['__is_binary__']
else item['__value__']
)

secrets = self.analyze_string(
string_to_scan,
item['__line__'],
filename,
)

if item['__is_binary__']:
secrets = self._encode_yaml_binary_secrets(secrets)

potential_secrets.update(secrets)

return potential_secrets

Expand Down
4 changes: 2 additions & 2 deletions tox.ini
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,8 @@ commands =
coverage run -m pytest tests -v
coverage report --show-missing --include=tests/* --fail-under 100
# This is so that we do not regress unintentionally
coverage report --show-missing --include=detect_secrets/* --omit=detect_secrets/core/audit.py,detect_secrets/core/baseline.py,detect_secrets/core/secrets_collection.py,detect_secrets/core/usage.py,detect_secrets/main.py,detect_secrets/plugins/common/ini_file_parser.py,detect_secrets/plugins/common/initialize.py,detect_secrets/plugins/high_entropy_strings.py --fail-under 100
coverage report --show-missing --include=detect_secrets/core/audit.py,detect_secrets/core/baseline.py,detect_secrets/core/secrets_collection.py,detect_secrets/core/usage.py,detect_secrets/main.py,detect_secrets/plugins/common/ini_file_parser.py,detect_secrets/plugins/common/initialize.py,detect_secrets/plugins/high_entropy_strings.py --fail-under 97
coverage report --show-missing --include=detect_secrets/* --omit=detect_secrets/core/audit.py,detect_secrets/core/baseline.py,detect_secrets/core/secrets_collection.py,detect_secrets/core/usage.py,detect_secrets/main.py,detect_secrets/plugins/common/ini_file_parser.py,detect_secrets/plugins/common/initialize.py --fail-under 100
coverage report --show-missing --include=detect_secrets/core/audit.py,detect_secrets/core/baseline.py,detect_secrets/core/secrets_collection.py,detect_secrets/core/usage.py,detect_secrets/main.py,detect_secrets/plugins/common/ini_file_parser.py,detect_secrets/plugins/common/initialize.py --fail-under 96
pre-commit run --all-files --show-diff-on-failure

[testenv:venv]
Expand Down

0 comments on commit de7fbd2

Please sign in to comment.