Add a (b)ack option to 'Is this a valid secret?' Closes Issue #63 #72
Conversation
.gitignore
Outdated
| @@ -1,6 +1,7 @@ | |||
| *.egg-info | |||
| *.py[co] | |||
| *.sw[op] | |||
| .secrets.baseline | |||
There was a problem hiding this comment.
.secrets.baseline felt like it should only be in a local copy. I might be mistaken.
There was a problem hiding this comment.
Ahh, that is confusing, sorry about that, it is purposefully meant to be included in the Git repo though.
That's really awesome :D 🎈 🍰 🎉 I'll get back to you on Tuesday or Wednesday with possible implementation preferences. |
next call of `__next__` would look like. Does not work properly yet (can only step back if last choice was `s` and counter at top does not decrease properly.
… to check how to do this properly)
|
Bidirectional iterator looks good! Looking forward to tests! |
| raise StopIteration | ||
| return result | ||
|
|
||
| def next(self): |
There was a problem hiding this comment.
Nit: Looping should call the 👍__next__ method directly, so no need for a next method
There was a problem hiding this comment.
I added next to be python2 compatible (it was renamed form next to __next__ from python2 to 3).
However, this does not feel very clean - perhaps you know of a better way? :)
There was a problem hiding this comment.
Aha! Very good point, I only tested on Python 3. My bad. I am impressed by how thorough you are 👍
|
Is there an assumption that secrets in the results of the baseline are in a fixed order? (I mean the lists |
|
@cleborys: currently, no there isn't. It's a Python dictionary for O(1) access by filename (and because the JSON dump is human readable), but that means key iteration cannot be depended on for order. It's a good point though -- and would simplify testing and other logic. Maybe you would like to work on it as a next PR? =D If we sort the keys before iterating through it, that should fix stuff. |
|
@domanchi Sorry, I am a bit confused 😅 Currently the audit iterates over all secrets and automatically skips these that already had the I am not completely confident that that would work as stated, because simply removing the "has |
|
@KevinHock Thanks :) But it is not yet functional! Only the framework with the new iterator works yet, so don't merge 😉 (I don't really know the etiquette yet - I made a pull request already so that you can see whats happening, but I wouldn't remove the [WIP] tag in the title until it is functional and I think I'm done. So I hope your approval doesn't mean that you intend to merge) |
|
@cleborys, ah, I understand you better now. Yes, the secrets in the list are ordered. One benefit of this is comparing side by side diffs of baselines - and it's very easy to see the changes between iterations. You can quite easily see whether a secret has been removed, added, or appropriately labelled. By reordering the contents, it becomes that much harder to see differences, if applicable. For example, if you start the audit process with pre-existing audited secrets, but not perform any additional labelling, you would expect no changes to the baseline. If the goal is to allow the e.g. something like |
|
@domanchi Cool, I will not mess around with the order then 😅 |
…d merged afterwards. Stepping back now functional.
|
It seems I had forgotten how Python works ("everything is a pointer") and in the end the necessary changes were much easier. The user decision loop now only loops over secrets which don't have the I expect that everything works as it should now, but I'll add some tests to make sure 😄 |
…. This enables going back and overriding a previous choice with 'skip'
|
Tests written and passing, manual sanity checks also successful! 🎉 🎈 |
cleborys
changed the title
Add going backwards option to 'Is this a valid secret?', closing Issue #63
This would be my first contribution to open source ever - thank you for the "good first issue" flag!
I have not yet figured out how to run the tests properly, else I would try to be test-driven.
The two directions I could see this go in are currently (preferences welcome):
_secret_generatorincore/audit.pya list instead of a generator and handle indices inaudit_baseline_secret_generatorto a "bidirectional iterator" object (still goes throughlist). That adds some overhead, but keeps thefor ... in _secret_generatorofaudit_baselineand might makeaudit.pymore readable.