--all-files argument do not work in new version (0.12.7)

[SolalVall]

Hello,

Maybe I missed something but I updated recently detect-secrets package from 0.12.2 -> 0.12.7 and it seems that detect-secrets scan --all-files don't work anymore:

Reproduce step:

$ mkdir ~/foo && echo "password='123'" > ~/foo/bar

Output in v0.12.2:

$ detect-secrets -v scan --all-files ~/foo
[secrets_collection]    INFO    Checking file: /home/my_user/foo/bar
{
  "exclude": {
    "files": null,
    "lines": null
  },
  "generated_at": "2019-10-07T20:34:45Z",
  "plugins_used": [
        .....
  ],
  "results": {
    "/home/my_user/foo/bar": [
      {
        "hashed_secret": "40bd001563085fc35165329ea1ff5c5ecbdbbeef",
        "line_number": 1,
        "type": "Secret Keyword"
      }
    ]
  },
  "version": "0.12.2"
}

Output in v0.12.7:

$ detect-secrets -v scan --all-files ~/foo
[secrets_collection]    INFO    Checking file: /home/my_user/foo/bar
{
  "exclude": {
    "files": null,
    "lines": null
  },
  "generated_at": "2019-10-07T20:35:05Z",
  "plugins_used": [
        .....
  ],
  "results": {},
  "version": "0.12.7",
  "word_list": {
    "file": null,
    "hash": null,
  }
}

We can observe that no results were found in the directory for the newest version. Maybe the issue is due to the new option --word_list that was recently added ?

Thanks in advance

[KevinHock]

Hi @SolalVall, currently I believe what causes keyword detector to skip this is that I added an is_false_positive call in keyword.py in the above commit, which aside from the wordlist filtering (only happens if a wordlist is passed), skips over any sequential strings.

detect-secrets/detect_secrets/plugins/common/filters.py

Lines 87 to 88 in b21c5f8

	# Capturing any number sequences
	string.digits * 2,

In other words, it's b/c the RHS value is 123, if you change it to e.g. 1sweetgreen it'll trigger.

[KevinHock]

Happy to talk more about this if I’m mistaken above, but for now I’ll close this issue 👍