Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for importing baselines #45

Merged
merged 3 commits into from
Jun 27, 2018
Merged

Add support for importing baselines #45

merged 3 commits into from
Jun 27, 2018

Conversation

domanchi
Copy link
Contributor

Summary

Now that we have the capability to label secrets in the baseline, we need to address the issue of how we treat version bumps with potentially labelled data.

For any version before 0.9, our main strategy is to just ask the user to recreate the baseline. However, versions after 0.9 may have labelled data, and merely recreating the baseline would potentially eliminate all labelled data. To support this, we introduce the concept of importing baselines.

Testing

detect-secrets$ detect-secrets --scan test_data > .secrets.baseline
detect-secrets$ detect-secrets --audit .secrets.baseline

<auditing-happens>

detect-secrets$ detect-secrets --scan test_data < .secrets.baseline > .secrets.baseline.new
detect-secrets$ diff .secrets.baseline .secrets.baseline.new
3c3
<   "generated_at": "2018-06-27T19:50:04Z",
---
>   "generated_at": "2018-06-27T20:07:19Z",
104c104

Another way of importing it is by using the --import flag.

detect-secrets$ detect-secrets --scan test_data --import .secrets.baseline > .secrets.baseline.new

@domanchi domanchi requested a review from KevinHock June 27, 2018 21:01
KevinHock
KevinHock approved these changes Jun 27, 2018
View reviewed changes
Copy link
Collaborator

@KevinHock KevinHock left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

detect_secrets/main.py
with open(getattr(args, 'import')[0]) as f:
return json.loads(f.read())

if not sys.stdin.isatty():
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TIL 👍

@domanchi domanchi merged commit 443e085 into master Jun 27, 2018
@domanchi domanchi deleted the import-baselines branch June 27, 2018 22:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@KevinHock KevinHock KevinHock approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@domanchi @KevinHock