↪️ Merge pull request #176 from dgzlopes/fix-141-handle-unscannable-files

Improve handle of un-scannable files

Author: KevinHock

detect_secrets/core/constants.py

@@ -0,0 +1,28 @@
+# We don't scan files with these extensions.
+# NOTE: We might be able to do this better with
+#       `subprocess.check_output(['file', filename])`
+#       and look for "ASCII text", but that might be more expensive.
+#
+#       Definitely something to look into, if this list gets unruly long.
+IGNORED_FILE_EXTENSIONS = {
+    '7z',
+    'bmp',
+    'bz2',
+    'dmg',
+    'exe',
+    'gif',
+    'gz',
+    'ico',
+    'jar',
+    'jpg',
+    'jpeg',
+    'png',
+    'rar',
+    'realm',
+    's7z',
+    'tar',
+    'tif',
+    'tiff',
+    'webp',
+    'zip',
+}

detect_secrets/core/secrets_collection.py

@@ -8,6 +8,7 @@
 from time import strftime
 
 from detect_secrets import VERSION
+from detect_secrets.core.constants import IGNORED_FILE_EXTENSIONS
 from detect_secrets.core.log import log
 from detect_secrets.core.potential_secret import PotentialSecret
 from detect_secrets.plugins.common import initialize
@@ -200,7 +201,8 @@ def scan_file(self, filename, filename_key=None):
 
         if os.path.islink(filename):
             return False
-
+        if os.path.splitext(filename)[1] in IGNORED_FILE_EXTENSIONS:
+            return False
         try:
             with codecs.open(filename, encoding='utf-8') as f:
                 self._extract_secrets_from_file(f, filename_key)