Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New AWS regex #397

Merged
merged 3 commits into from
Feb 3, 2021
Merged

New AWS regex #397

merged 3 commits into from
Feb 3, 2021
+27 −0

Conversation

pablosnt
Copy link
Contributor

This pull request includes a new regex to the AWS Key Detector plugin. The regex is found here.

domanchi
domanchi approved these changes Feb 1, 2021
View reviewed changes
Copy link
Contributor

@domanchi domanchi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I added your PR comments as code comments (for posterity), but otherwise, LGTM.

@pablosnt
Copy link
Contributor Author

pablosnt commented Feb 1, 2021

Everything resolved! Thank you @domanchi

@domanchi
Copy link
Contributor

domanchi commented Feb 3, 2021

Since we don't have a working CI currently:

$ make test
tox
GLOB sdist-make: /Users/aaronloo/Documents/github/detect-secrets/setup.py
py36 inst-nodeps: /Users/aaronloo/Documents/github/detect-secrets/.tox/.tmp/package/1/detect_secrets-0.14.3.zip
py36 installed: appdirs==1.4.4,attrs==20.3.0,certifi==2020.11.8,cfgv==3.2.0,chardet==3.0.4,coverage==4.5.4,detect-secrets==0.14.3,distlib==0.3.1,filelock==3.0.12,flake8==3.5.0,identify==1.5.10,idna==2.10,importlib-metadata==2.1.1,importlib-resources==3.3.0,iniconfig==1.1.1,mccabe==0.6.1,monotonic==1.5,mypy==0.790,mypy-extensions==0.4.3,nodeenv==1.5.0,packaging==20.7,pluggy==0.13.1,pre-commit==2.9.2,py==1.10.0,pyahocorasick==1.4.0,pycodestyle==2.3.1,pyflakes==1.6.0,pyparsing==2.4.7,pytest==6.1.2,PyYAML==5.3.1,requests==2.25.0,responses==0.12.1,six==1.15.0,toml==0.10.2,tox==3.20.1,tox-pip-extensions==1.6.0,typed-ast==1.4.1,typing-extensions==3.7.4.3,unidiff==0.6.0,urllib3==1.26.2,venv-update==3.2.4,virtualenv==20.2.1,zipp==3.4.0
py36 bootstrap: venv-update>=2.1.3
py36 installdeps: -rrequirements-dev.txt
py36 installed: appdirs==1.4.4,attrs==20.3.0,certifi==2020.11.8,cfgv==3.2.0,chardet==3.0.4,coverage==4.5.4,detect-secrets==0.14.3,distlib==0.3.1,filelock==3.0.12,flake8==3.5.0,identify==1.5.10,idna==2.10,importlib-metadata==2.1.1,importlib-resources==3.3.0,iniconfig==1.1.1,mccabe==0.6.1,monotonic==1.5,mypy==0.790,mypy-extensions==0.4.3,nodeenv==1.5.0,packaging==20.7,pluggy==0.13.1,pre-commit==2.9.2,py==1.9.0,pyahocorasick==1.4.0,pycodestyle==2.3.1,pyflakes==1.6.0,pyparsing==2.4.7,pytest==6.1.2,PyYAML==5.3.1,requests==2.25.0,responses==0.12.1,six==1.15.0,toml==0.10.2,tox==3.20.1,tox-pip-extensions==1.6.0,typed-ast==1.4.1,typing-extensions==3.7.4.3,unidiff==0.6.0,urllib3==1.26.2,venv-update==3.2.4,virtualenv==20.2.1,zipp==3.4.0
py36 run-test-pre: PYTHONHASHSEED='3465271867'
py36 run-test: commands[0] | coverage erase
py36 run-test: commands[1] | coverage run -m pytest --strict tests
======================================================================================================================== test session starts ========================================================================================================================
platform darwin -- Python 3.6.8, pytest-6.1.2, py-1.9.0, pluggy-0.13.1
cachedir: .tox/py36/.pytest_cache
rootdir: /Users/aaronloo/Documents/github/detect-secrets
collected 952 items                                                                                                                                                                                                                                                 

tests/main_test.py ...x.....                                                                                                                                                                                                                                  [  0%]
tests/pre_commit_hook_test.py ...X...                                                                                                                                                                                                                         [  1%]
tests/audit/analytics_test.py ...s                                                                                                                                                                                                                            [  2%]
tests/audit/audit_test.py ...........                                                                                                                                                                                                                         [  3%]
tests/audit/compare_test.py .......                                                                                                                                                                                                                           [  3%]
tests/audit/io_test.py ..                                                                                                                                                                                                                                     [  4%]
tests/audit/iterator_test.py ......                                                                                                                                                                                                                           [  4%]
tests/core/baseline_test.py ......x..                                                                                                                                                                                                                         [  5%]
tests/core/potential_secret_test.py ........                                                                                                                                                                                                                  [  6%]
tests/core/scan_test.py ..                                                                                                                                                                                                                                    [  6%]
tests/core/secrets_collection_test.py .....................                                                                                                                                                                                                   [  9%]
tests/core/plugins/initialize_test.py ...........                                                                                                                                                                                                             [ 10%]
tests/core/upgrades/upgrade_to_v1_0_test.py .                                                                                                                                                                                                                 [ 10%]
tests/core/usage/audit_usage_test.py ..                                                                                                                                                                                                                       [ 10%]
tests/core/usage/baseline_usage_test.py .....                                                                                                                                                                                                                 [ 11%]
tests/core/usage/filters_usage_test.py ..                                                                                                                                                                                                                     [ 11%]
tests/core/usage/plugins_usage_test.py .............                                                                                                                                                                                                          [ 12%]
tests/core/usage/scan_usage_test.py .                                                                                                                                                                                                                         [ 12%]
tests/filters/allowlist_filter_test.py ........................                                                                                                                                                                                               [ 15%]
tests/filters/common_filter_test.py .......                                                                                                                                                                                                                   [ 15%]
tests/filters/heuristic_filter_test.py ........................                                                                                                                                                                                               [ 18%]
tests/filters/regex_filter_test.py ..                                                                                                                                                                                                                         [ 18%]
tests/filters/wordlist_filter_test.py ..                                                                                                                                                                                                                      [ 18%]
tests/plugins/artifactory_test.py .........................                                                                                                                                                                                                   [ 21%]
tests/plugins/aws_key_test.py .................                                                                                                                                                                                                               [ 23%]
tests/plugins/azure_storage_key_test.py .                                                                                                                                                                                                                     [ 23%]
tests/plugins/base_test.py .                                                                                                                                                                                                                                  [ 23%]
tests/plugins/basic_auth_test.py ......                                                                                                                                                                                                                       [ 24%]
tests/plugins/cloudant_test.py ......................                                                                                                                                                                                                         [ 26%]
tests/plugins/high_entropy_strings_test.py ...............................                                                                                                                                                                                    [ 29%]
tests/plugins/ibm_cloud_iam_test.py ...................................                                                                                                                                                                                       [ 33%]
tests/plugins/ibm_cos_hmac_test.py ..................................                                                                                                                                                                                         [ 36%]
tests/plugins/jwt_test.py ..............                                                                                                                                                                                                                      [ 38%]
tests/plugins/keyword_test.py ..............................................................................................................................sssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss [ 61%]
sssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss                     [ 86%]
tests/plugins/mailchimp_key_test.py ......                                                                                                                                                                                                                    [ 86%]
tests/plugins/npm_test.py ......                                                                                                                                                                                                                              [ 87%]
tests/plugins/private_key_test.py ..                                                                                                                                                                                                                          [ 87%]
tests/plugins/slack_test.py ........                                                                                                                                                                                                                          [ 88%]
tests/plugins/softlayer_test.py ................................................................                                                                                                                                                              [ 95%]
tests/plugins/stripe_key_test.py ....                                                                                                                                                                                                                         [ 95%]
tests/plugins/twilio_test.py ..                                                                                                                                                                                                                               [ 96%]
tests/transformers/config_transformer_test.py ........                                                                                                                                                                                                        [ 96%]
tests/transformers/import_test.py .                                                                                                                                                                                                                           [ 96%]
tests/transformers/yaml_transformer_test.py .xxxxxx.........                                                                                                                                                                                                  [ 98%]
tests/util/code_snippet_test.py ......                                                                                                                                                                                                                        [ 99%]
tests/util/semver_test.py .......                                                                                                                                                                                                                             [100%]

========================================================================================================================= warnings summary ==========================================================================================================================
tests/core/baseline_test.py::TestCreate::test_error_when_getting_git_tracked_files
  /Users/aaronloo/Documents/github/detect-secrets/detect_secrets/core/scan.py:34: UserWarning: Did not detect git repository. Try scanning all files instead.
    log.warning('Did not detect git repository. Try scanning all files instead.')

-- Docs: https://docs.pytest.org/en/stable/warnings.html
================================================================================================ 612 passed, 331 skipped, 8 xfailed, 1 xpassed, 1 warning in 21.81s =================================================================================================
py36 run-test: commands[2] | coverage report --show-missing '--include=tests/*' --fail-under 99
Name                                    Stmts   Miss Branch BrPart  Cover   Missing
-----------------------------------------------------------------------------------
tests/audit/audit_test.py                  55      0     12      1    99%   104->112
tests/audit/compare_test.py                62      0      8      1    99%   114->111
tests/core/baseline_test.py                53      1      0      0    98%   94
tests/core/secrets_collection_test.py     160      0     22      2    99%   181->184, 200->204
tests/filters/common_filter_test.py        42      1      6      0    98%   74
tests/filters/regex_filter_test.py         16      0      4      2    90%   21->exit, 38->exit
tests/main_test.py                         76      3      4      1    95%   176-178, 175->176
tests/plugins/keyword_test.py              47      6      6      0    89%   238, 252, 265, 293, 313, 326
-----------------------------------------------------------------------------------
TOTAL                                    1378     11    114      7    99%

40 files skipped due to complete coverage.
py36 run-test: commands[3] | coverage report --show-missing '--include=testing/*' --fail-under 100
Name    Stmts   Miss Branch BrPart  Cover   Missing
---------------------------------------------------
---------------------------------------------------
TOTAL      62      0      2      0   100%

4 files skipped due to complete coverage.
py36 run-test: commands[4] | coverage report --show-missing --skip-covered '--include=detect_secrets/*' --fail-under 90
Name                                             Stmts   Miss Branch BrPart  Cover   Missing
--------------------------------------------------------------------------------------------
detect_secrets/audit/analytics.py                   43      1     12      0    98%   81
detect_secrets/audit/audit.py                       42      3     14      0    95%   54-64
detect_secrets/audit/common.py                      43      9     10      2    75%   27-32, 46-47, 69, 65->69, 66->65
detect_secrets/audit/compare.py                    107      9     34      5    90%   112, 117, 127, 201-211, 217-218, 220, 111->112, 116->117, 126->127, 216->217, 219->220
detect_secrets/audit/io.py                          55      4     20      2    92%   35, 49-52, 32->35, 98->93
detect_secrets/core/log.py                          23      2      0      0    91%   40-46
detect_secrets/core/plugins/initialize.py           45      5     10      1    89%   25-26, 48-49, 63, 62->63
detect_secrets/core/scan.py                        183     14     98      4    93%   145, 153-155, 163-164, 190, 318-319, 334-335, 397-399, 144->145, 150->exit, 186->190, 310->318
detect_secrets/core/secrets_collection.py          116      4     67      5    95%   20, 70, 80, 134, 69->70, 79->80, 87->78, 133->134, 137->132
detect_secrets/core/upgrades/v1_0.py                39      4     24      3    89%   50, 65, 101-103, 49->50, 55->61, 64->65
detect_secrets/core/usage/__init__.py               80      1     18      3    96%   145, 84->89, 85->84, 144->145
detect_secrets/core/usage/filters.py                24      1     10      2    91%   69, 42->exit, 65->69
detect_secrets/core/usage/plugins.py                54      2     20      2    95%   42, 128, 41->42, 127->128
detect_secrets/exceptions.py                         9      1      0      0    89%   18
detect_secrets/filters/allowlist.py                 33      0     12      1    98%   64->exit
detect_secrets/filters/common.py                    38      1      6      1    95%   61, 60->61
detect_secrets/filters/wordlist.py                  41      2      6      0    96%   21-22
detect_secrets/main.py                              68      3     33      2    95%   122, 131-132, 31->34, 119->122
detect_secrets/plugins/base.py                      67      3     14      3    93%   76, 94, 110, 75->76, 91->94, 96->110
detect_secrets/plugins/cloudant.py                  43      1      8      1    96%   77, 74->77
detect_secrets/plugins/high_entropy_strings.py      76     17     22      2    74%   57-58, 79-87, 90, 106-117, 34->38, 51->57
detect_secrets/plugins/keyword.py                   84     21     29      2    72%   265, 276, 323, 335-388, 264->265, 275->276
detect_secrets/plugins/softlayer.py                 33      1      8      1    95%   45, 42->45
detect_secrets/pre_commit_hook.py                   69      2     24      1    97%   92-96, 91->92
detect_secrets/settings.py                          66      2     21      0    98%   105-106
detect_secrets/transformers/config.py               92      1     34      2    98%   170, 158->165, 169->170
detect_secrets/types.py                             31     10      0      0    68%   13-28, 46
detect_secrets/util/color.py                        10      1      0      0    90%   14
detect_secrets/util/git.py                          23      2      4      1    89%   45-46, 42->40
detect_secrets/util/importlib.py                    51      0     20      1    99%   90->96
detect_secrets/util/semver.py                       26      1     10      0    97%   46
--------------------------------------------------------------------------------------------
TOTAL                                             2453    128    723     47    94%

45 files skipped due to complete coverage.
py36 run-test: commands[5] | pre-commit run --all-files
Check builtin type constructor use.......................................Passed
Check docstring is first.................................................Passed
Debug Statements (Python)................................................Passed
Fix double quoted strings................................................Passed
Fix End of Files.........................................................Passed
Tests should end in _test.py.............................................Passed
Flake8...................................................................Passed
Trim Trailing Whitespace.................................................Passed
Reorder python imports...................................................Passed
Add trailing commas......................................................Passed
autopep8.................................................................Passed
py37 create: /Users/aaronloo/Documents/github/detect-secrets/.tox/py37
SKIPPED: InterpreterNotFound: python3.7
py38 create: /Users/aaronloo/Documents/github/detect-secrets/.tox/py38
SKIPPED: InterpreterNotFound: python3.8
py39 create: /Users/aaronloo/Documents/github/detect-secrets/.tox/py39
SKIPPED: InterpreterNotFound: python3.9
______________________________________________________________________________________________________________________________ summary ______________________________________________________________________________________________________________________________
  py36: commands succeeded
SKIPPED:  py37: InterpreterNotFound: python3.7
SKIPPED:  py38: InterpreterNotFound: python3.8
SKIPPED:  py39: InterpreterNotFound: python3.9
  congratulations :)
tox -e mypy
GLOB sdist-make: /Users/aaronloo/Documents/github/detect-secrets/setup.py
mypy inst-nodeps: /Users/aaronloo/Documents/github/detect-secrets/.tox/.tmp/package/1/detect_secrets-0.14.3.zip
mypy installed: appdirs==1.4.4,attrs==20.3.0,certifi==2020.11.8,cfgv==3.2.0,chardet==3.0.4,coverage==4.5.4,detect-secrets==0.14.3,distlib==0.3.1,filelock==3.0.12,flake8==3.5.0,identify==1.5.10,idna==2.10,importlib-metadata==2.1.1,importlib-resources==3.3.0,iniconfig==1.1.1,mccabe==0.6.1,monotonic==1.5,mypy==0.790,mypy-extensions==0.4.3,nodeenv==1.5.0,packaging==20.7,pluggy==0.13.1,pre-commit==2.9.2,py==1.9.0,pyahocorasick==1.4.0,pycodestyle==2.3.1,pyflakes==1.6.0,pyparsing==2.4.7,pytest==6.1.2,PyYAML==5.3.1,requests==2.25.0,responses==0.12.1,six==1.15.0,toml==0.10.2,tox==3.20.1,tox-pip-extensions==1.6.0,typed-ast==1.4.1,typing-extensions==3.7.4.3,unidiff==0.6.0,urllib3==1.26.2,venv-update==3.2.4,virtualenv==20.2.1,zipp==3.4.0
mypy bootstrap: venv-update>=2.1.3
mypy installdeps: -rrequirements-dev.txt
mypy installed: appdirs==1.4.4,attrs==20.3.0,certifi==2020.11.8,cfgv==3.2.0,chardet==3.0.4,coverage==4.5.4,detect-secrets==0.14.3,distlib==0.3.1,filelock==3.0.12,flake8==3.5.0,identify==1.5.10,idna==2.10,importlib-metadata==2.1.1,importlib-resources==3.3.0,iniconfig==1.1.1,mccabe==0.6.1,monotonic==1.5,mypy==0.790,mypy-extensions==0.4.3,nodeenv==1.5.0,packaging==20.7,pluggy==0.13.1,pre-commit==2.9.2,py==1.9.0,pyahocorasick==1.4.0,pycodestyle==2.3.1,pyflakes==1.6.0,pyparsing==2.4.7,pytest==6.1.2,PyYAML==5.3.1,requests==2.25.0,responses==0.12.1,six==1.15.0,toml==0.10.2,tox==3.20.1,tox-pip-extensions==1.6.0,typed-ast==1.4.1,typing-extensions==3.7.4.3,unidiff==0.6.0,urllib3==1.26.2,venv-update==3.2.4,virtualenv==20.2.1,zipp==3.4.0
mypy run-test-pre: PYTHONHASHSEED='1142084380'
mypy run-test: commands[0] | mypy detect_secrets
Success: no issues found in 76 source files
mypy run-test: commands[1] | mypy testing
Success: no issues found in 4 source files
______________________________________________________________________________________________________________________________ summary ______________________________________________________________________________________________________________________________
  mypy: commands succeeded
  congratulations :)

@domanchi domanchi merged commit 8726299 into Yelp:pre-v1-launch Feb 3, 2021
jimmyhlee94 pushed a commit to jimmyhlee94/detect-secrets that referenced this pull request Aug 19, 2021
@renovate-bot
Update precommit hook pre-commit/pre-commit-hooks to v2.5.0 (Yelp#397)
7e8bf85 
Co-authored-by: Renovate Bot <[email protected]>
Co-authored-by: Victoria M Miltcheva <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@domanchi domanchi domanchi approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@pablosnt @domanchi