From 1461ef9d3d8cd31d32f1a5e07ff5008f3c2f10b2 Mon Sep 17 00:00:00 2001 From: "Clarence \"Sparr\" Risher" Date: Wed, 14 Sep 2022 21:45:06 +0000 Subject: [PATCH 1/3] Expand ~ and ~user in secrets.providers --- git-secrets | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/git-secrets b/git-secrets index 8df3809..cf8628b 100755 --- a/git-secrets +++ b/git-secrets @@ -48,7 +48,7 @@ prepare_commit_msg_hook* prepare-commit-msg hook (internal only)" load_patterns() { git config --get-all secrets.patterns # Execute each provider and use their output to build up patterns - git config --get-all secrets.providers | while read -r cmd; do + git config --get-all --type path secrets.providers | while read -r cmd; do # Only split words on '\n\t ' and strip "\r" from the output to account # for carriage returns being added on Windows systems. Note that this # trimming is done before the test to ensure that the string is not empty. From 3f0db40eeb2f6a5b06a39a4de41179c08a586aad Mon Sep 17 00:00:00 2001 From: "Clarence \"Sparr\" Risher" Date: Wed, 14 Sep 2022 23:08:04 +0000 Subject: [PATCH 2/3] Add path expansion test. Expand --list config query, accumulate exit codes. --- git-secrets | 12 ++++++++++-- test/git-secrets.bats | 8 ++++++++ 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/git-secrets b/git-secrets index cf8628b..d7f2f6a 100755 --- a/git-secrets +++ b/git-secrets @@ -339,9 +339,17 @@ case "${COMMAND}" in --scan-history) scan_with_fn_or_die "scan_history" "$@" ;; --list) if [ ${GLOBAL} -eq 1 ]; then - git config --global --get-regex secrets.* + RESULT=1 + if git config --global --get-regex --type path "^secrets\.providers$"; then RESULT=0; fi + if git config --global --get-regex "^secrets\.patterns$"; then RESULT=0; fi + if git config --global --get-regex "^secrets\.allowed$"; then RESULT=0; fi + [ $RESULT -eq 0 ] else - git config --get-regex secrets.* + RESULT=1 + if git config --get-regex --type path "^secrets\.providers$"; then RESULT=0; fi + if git config --get-regex "^secrets\.patterns$"; then RESULT=0; fi + if git config --get-regex "^secrets\.allowed$"; then RESULT=0; fi + [ $RESULT -eq 0 ] fi ;; --install) diff --git a/test/git-secrets.bats b/test/git-secrets.bats index b7a5b1c..9edb7b5 100644 --- a/test/git-secrets.bats +++ b/test/git-secrets.bats @@ -311,6 +311,14 @@ load test_helper [ $status -eq 0 ] } +@test "Expands ~ in providers" { + repo_run git-secrets --add-provider -- '~/test' + [ $status -eq 0 ] + repo_run git-secrets --list + [ $status -eq 0 ] + echo "$output" | grep -F "${HOME}/test" +} + @test "--recursive cannot be used with SCAN_*" { repo_run git-secrets --scan -r --cached [ $status -eq 1 ] From 193a2bd6f7ecf70b2f6644c835769d0841608108 Mon Sep 17 00:00:00 2001 From: "Clarence \"Sparr\" Risher" Date: Wed, 14 Sep 2022 23:24:32 +0000 Subject: [PATCH 3/3] Simplify result accumulation for --list --- git-secrets | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/git-secrets b/git-secrets index d7f2f6a..e849049 100755 --- a/git-secrets +++ b/git-secrets @@ -340,15 +340,15 @@ case "${COMMAND}" in --list) if [ ${GLOBAL} -eq 1 ]; then RESULT=1 - if git config --global --get-regex --type path "^secrets\.providers$"; then RESULT=0; fi - if git config --global --get-regex "^secrets\.patterns$"; then RESULT=0; fi - if git config --global --get-regex "^secrets\.allowed$"; then RESULT=0; fi + git config --global --get-regex --type path "^secrets\.providers$" && RESULT=0 + git config --global --get-regex "^secrets\.patterns$" && RESULT=0 + git config --global --get-regex "^secrets\.allowed$" && RESULT=0 [ $RESULT -eq 0 ] else RESULT=1 - if git config --get-regex --type path "^secrets\.providers$"; then RESULT=0; fi - if git config --get-regex "^secrets\.patterns$"; then RESULT=0; fi - if git config --get-regex "^secrets\.allowed$"; then RESULT=0; fi + git config --get-regex --type path "^secrets\.providers$" && RESULT=0 + git config --get-regex "^secrets\.patterns$" && RESULT=0 + git config --get-regex "^secrets\.allowed$" && RESULT=0 [ $RESULT -eq 0 ] fi ;;