-
Notifications
You must be signed in to change notification settings - Fork 455
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Exception when auditing multi-line secrets #580
Comments
Hello, Thanks for reaching out. I have fixed this bug and it will be in the newest release of detect-secrets. The fix is related to catching this exception. There is a deeper rooted issue here with the YAML File parser which I do have a work item to tackle very soon. Please see #467 for more info. |
In case anyone wanders by before
|
Hi @hwine, thank you for proposing a way to unblock those who are waiting for the next release of I also wanted to add that you could download the source code in our master branch and run that instead. This might not work for everyone using Finally, I wanted to let everyone here know that we're working on releasing a new version of detect-secrets soon, so hang tight! I'll make sure to send another reply here when that happens. |
Thanks -- if there wasn't already work in flight, I would have opened a PR. But my hack required undoing some of the current work. :/ (The inflight work doesn't allow use of the audit function to mark the false positive as expected.) Thanks for the team's efforts -- releases are hard! This is a extremely valuable project that I rely on daily! |
[This appears to be a new flavor of #227]
Scanning properly detects secrets in a multi-line yaml value, but the audit function raises a
ValueError
exception when trying to display the info.sample yaml file
```yaml - id: example for audit failure keyid: _removed_ passphrase: privatekey: | -----BEGIN PGP PRIVATE KEY BLOCK----- -----END PGP PRIVATE KEY BLOCK----- publickey: | -----BEGIN PGP PUBLIC KEY BLOCK----- -----END PGP PUBLIC KEY BLOCK----- ```Steps to reproduce (with above yaml as
fail.yaml
):The text was updated successfully, but these errors were encountered: