Merge pull request awslabs#67 from t13a/feature/fix-scan-files

Feature/fix scan files
adityavs · Aug 10, 2018 · 2333a55 · 2333a55
2 parents 1b5125d + edeef54
commit 2333a55
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 11 deletions.
diff --git a/git-secrets b/git-secrets
@@ -81,15 +81,15 @@ load_combined_patterns() {
 
 # Scans files or a repo using patterns.
 scan() {
-  local files="$1" options=""
+  local files=("${@}") options=""
   [ "${SCAN_CACHED}" == 1 ] && options+="--cached"
   [ "${SCAN_UNTRACKED}" == 1 ] && options+=" --untracked"
   [ "${SCAN_NO_INDEX}" == 1 ] && options+=" --no-index"
   # Scan using git-grep if there are no files or if git options are applied.
-  if [ -z "${files}" ] || [ ! -z "${options}" ]; then
-    output=$(git_grep $options $files)
+  if [ ${#files[@]} -eq 0 ] || [ ! -z "${options}" ]; then
+    output=$(git_grep $options "${files[@]}")
   else
-    output=$(regular_grep $files)
+    output=$(regular_grep "${files[@]}")
   fi
   process_output $? "${output}"
 }
@@ -110,18 +110,19 @@ scan_history() {
 # Note: this function returns 1 on success, 0 on error.
 git_grep() {
   local options="$1"; shift
-  local files=$@ combined_patterns=$(load_combined_patterns)
+  local files=("${@}") combined_patterns=$(load_combined_patterns)
+
   [ -z "${combined_patterns}" ] && return 1
-  GREP_OPTIONS= LC_ALL=C git grep -nwHEI ${options} "${combined_patterns}" -- $files
+  GREP_OPTIONS= LC_ALL=C git grep -nwHEI ${options} "${combined_patterns}" -- "${files[@]}"
 }
 
 # Performs a regular grep, taking into account patterns and recursion.
 # Note: this function returns 1 on success, 0 on error.
 regular_grep() {
-  local files=$@ patterns=$(load_patterns) action='skip'
+  local files=("${@}") patterns=$(load_patterns) action='skip'
   [ -z "${patterns}" ] && return 1
   [ ${RECURSIVE} -eq 1 ] && action="recurse"
-  GREP_OPTIONS= LC_ALL=C grep -d "${action}" -nwHEI "${patterns}" $files
+  GREP_OPTIONS= LC_ALL=C grep -d "${action}" -nwHEI "${patterns}" "${files[@]}"
 }
 
 # Process the given status ($1) and output variables ($2).
@@ -168,11 +169,14 @@ commit_msg_hook() {
 # Scans all files that are about to be committed.
 pre_commit_hook() {
   SCAN_CACHED=1
-  local file found_match=0 rev="4b825dc642cb6eb9a060e54bf8d69288fbee4904"
+  local files=() file found_match=0 rev="4b825dc642cb6eb9a060e54bf8d69288fbee4904"
   # Diff against HEAD if this is not the first commit in the repo.
   git rev-parse --verify HEAD >/dev/null 2>&1 && rev="HEAD"
   # Filter out deleted files using --diff-filter
-  IFS=$'\n' scan_with_fn_or_die "scan" "$(git diff-index --diff-filter 'ACMU' --name-only --cached $rev --)"
+  while IFS= read -r file; do
+    [ -n "$file" ] && files+=("$file")
+  done <<< "$(git diff-index --diff-filter 'ACMU' --name-only --cached $rev --)"
+  scan_with_fn_or_die "scan" "${files[@]}"
 }
 
 # Determines if merging in a commit will introduce tainted history.

diff --git a/test/pre-commit.bats b/test/pre-commit.bats
@@ -41,7 +41,7 @@ load test_helper
   [ $status -eq 0 ]
   # Ensure deleted files are filtered out of the grep
   rm $TEST_REPO/data.txt
-  echo 'aaa' $TEST_REPO/data_2.txt
+  echo 'aaa' > $TEST_REPO/data_2.txt
   run git add -A
   run git commit -m 'This is also fine'
   [ $status -eq 0 ]