diff --git a/detect_secrets/core/baseline.py b/detect_secrets/core/baseline.py index caea0aac5..9afc4e671 100644 --- a/detect_secrets/core/baseline.py +++ b/detect_secrets/core/baseline.py @@ -5,9 +5,11 @@ import re import subprocess +from detect_secrets import util from detect_secrets.core.log import get_logger from detect_secrets.core.secrets_collection import SecretsCollection + log = get_logger(format_string='%(message)s') @@ -37,13 +39,15 @@ def initialize( exclude_lines=exclude_lines_regex, ) - files_to_scan = list() + files_to_scan = [] for element in path: if os.path.isdir(element): if scan_all_files: files_to_scan.extend(_get_files_recursively(element)) else: - files_to_scan.extend(_get_git_tracked_files(element)) + files = _get_git_tracked_files(element) + if files: + files_to_scan.extend(files) elif os.path.isfile(element): files_to_scan.append(element) else: @@ -268,13 +272,16 @@ def _get_git_tracked_files(rootdir='.'): git_files = subprocess.check_output( [ 'git', + '-C', rootdir, 'ls-files', - rootdir, ], stderr=fnull, ) - return set(git_files.decode('utf-8').split()) + return set([ + util.get_relative_path(rootdir, filename) + for filename in git_files.decode('utf-8').split() + ]) except subprocess.CalledProcessError: return None @@ -284,8 +291,8 @@ def _get_files_recursively(rootdir): This function allows us to do so. """ output = [] - for root, dirs, files in os.walk(rootdir): + for root, _, files in os.walk(rootdir): for filename in files: - output.append(os.path.join(root, filename)) + output.append(util.get_relative_path(root, filename)) return output diff --git a/detect_secrets/util.py b/detect_secrets/util.py index 7a135a42e..b70af4651 100644 --- a/detect_secrets/util.py +++ b/detect_secrets/util.py @@ -8,3 +8,10 @@ def get_root_directory(): '../', ), ) + + +def get_relative_path(root, path): + """Returns relative path, after following symlinks.""" + return os.path.realpath( + os.path.join(root, path), + )[len(os.getcwd() + '/'):]