Verify by default for baseline (Yelp#313)

Add back missing param (Yelp#314)

Author: XIANJUN ZHU

detect_secrets/core/secrets_collection.py

@@ -122,19 +122,19 @@ def load_baseline_from_dict(cls, data):
                 # The difference will show whenever the word list changes
                 automaton, result.word_list_hash = build_automaton(result.word_list_file)
 
-        # In v0.14.0 the `--custom-plugins` option got added
-        result.custom_plugin_paths = tuple(data.get('custom_plugin_paths', ()))
-
-        result.plugins = tuple(
-            initialize.from_plugin_classname(
-                plugin_classname=plugin.pop('name'),
-                custom_plugin_paths=result.custom_plugin_paths,
-                exclude_lines_regex=result.exclude_lines,
-                automaton=automaton,
-                should_verify_secrets=False,
-                **plugin
-            ) for plugin in data['plugins_used']
-        )
+        plugins = []
+        for plugin in data['plugins_used']:
+            plugin_classname = plugin.pop('name')
+            plugins.append(
+                initialize.from_plugin_classname(
+                    plugin_classname,
+                    exclude_lines_regex=result.exclude_lines,
+                    automaton=automaton,
+                    should_verify_secrets=True,
+                    **plugin
+                ),
+            )
+        result.plugins = tuple(plugins)
 
         for filename in data['results']:
             result.data[filename] = {}

detect_secrets/plugins/base.py

@@ -224,7 +224,7 @@ def adhoc_scan(self, string):
 
         verified_result = VerifiedResult.UNVERIFIED
         for result in results:
-            is_verified = self.verify(result.secret_value)
+            is_verified = self.verify(result.secret_value, string, result)
             if is_verified != VerifiedResult.UNVERIFIED:
                 verified_result = is_verified
                 break

detect_secrets/plugins/high_entropy_strings.py

@@ -27,7 +27,7 @@ class HighEntropyStringsPlugin(BasePlugin):
 
     __metaclass__ = ABCMeta
 
-    def __init__(self, charset, limit, exclude_lines_regex, automaton, *args):
+    def __init__(self, charset, limit, exclude_lines_regex, automaton, *args, **kwargs):
         if limit < 0 or limit > 8:
             raise ValueError(
                 'The limit set for HighEntropyStrings must be between 0.0 and 8.0',
@@ -46,6 +46,8 @@ def __init__(self, charset, limit, exclude_lines_regex, automaton, *args):
         super(HighEntropyStringsPlugin, self).__init__(
             exclude_lines_regex=exclude_lines_regex,
             false_positive_heuristics=false_positive_heuristics,
+            *args,
+            **kwargs
         )
 
     def analyze(self, file, filename, output_raw=False, output_verified_false=False):
@@ -335,6 +337,7 @@ def __init__(self, hex_limit, exclude_lines_regex=None, automaton=None, **kwargs
             limit=hex_limit,
             exclude_lines_regex=exclude_lines_regex,
             automaton=automaton,
+            **kwargs
         )
 
     @classproperty

tests/core/baseline_test.py

@@ -491,7 +491,6 @@ def test_copies_is_secret_label_accurately(self):
             },
 
         }
-        pass
 
 
 class TestMergeResults:

tests/core/secrets_collection_test.py

@@ -344,9 +344,13 @@ def test_load_baseline_from_string_with_point_twelve_point_seven_and_later_strin
             data=word_list,
             namespace='detect_secrets.util.open',
         ):
-            secrets = SecretsCollection.load_baseline_from_string(
+            baseline = SecretsCollection.load_baseline_from_string(
                 json.dumps(original),
-            ).format_for_baseline_output()
+            )
+            for plugin in baseline.plugins:
+                assert plugin.should_verify is True
+
+            secrets = baseline.format_for_baseline_output()
 
         # v0.14.0+ assertions
         assert 'custom_plugin_paths' not in original