Merge 886fa8c into 17a64dc
jpninanjohn committed Oct 28, 2019
2 parents 17a64dc + 886fa8c commit 76bd28f
Showing 7 changed files with 40 additions and 10 deletions.
10 changes: 8 additions & 2 deletions detector/filecontent_detector.go
@@ -129,11 +129,17 @@ func (fc *FileContentDetector) Test(additions []gitrepo.Addition, ignoreConfig T
for ignoredChanHasMore, contentChanHasMore := true, true; ignoredChanHasMore || contentChanHasMore; {
select {
case ignoredFilePath, hasMore := <-ignoredFilePaths:
if !hasMore {
ignoredChanHasMore = false
continue
}
processIgnoredFilepath(ignoredFilePath, result)
ignoredChanHasMore = hasMore
case c, hasMore := <-contents:
if !hasMore {
contentChanHasMore = false
continue
}
processContent(c, result)
contentChanHasMore = hasMore
}
}
}
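Review bot: Once either channel is closed, its `case` in the `select` is always ready, so the new `if !hasMore { ...; continue }` branch is re-entered on every iteration until the other channel closes too, which is a busy loop on the closed channel. Setting the drained channel variable to nil in that branch takes it out of the select, e.g. `ignoredFilePaths = nil` before the first `continue` and `contents = nil` before the second (this assumes both are local variables; their declarations are outside the hunk). The same guard is added to `PatternDetector.Test` in detector/pattern_detector.go for `matches` and `ignoredFilePaths`, and the same change applies there. A short comment above each guard, such as `// a closed channel yields the zero value; skip it so no empty result is recorded`, would record why the check has to come before the process call.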
18 changes: 17 additions & 1 deletion detector/filecontent_detector_test.go
@@ -1,6 +1,7 @@
package detector

import (
"fmt"
"strings"
"talisman/gitrepo"
"testing"
@@ -64,10 +65,13 @@ func TestShouldFlagPotentialAWSSecretKeys(t *testing.T) {
content := []byte(awsSecretAccessKey)
filename := "filename"
additions := []gitrepo.Addition{gitrepo.NewAddition(filename, content)}
filePath := additions[0].Path

NewFileContentDetector().Test(additions, TalismanRCIgnore{}, results)
expectedMessage := fmt.Sprintf("Expected file to not to contain base64 encoded texts such as: %s", awsSecretAccessKey)
assert.True(t, results.HasFailures(), "Expected file to not to contain base64 encoded texts")

assert.Equal(t, expectedMessage, getFailureMessages(results, filePath)[0])
assert.Len(t, results.Results, 1)
}

func TestShouldFlagPotentialJWT(t *testing.T) {
@@ -76,9 +80,13 @@ func TestShouldFlagPotentialJWT(t *testing.T) {
content := []byte(jwt)
filename := "filename"
additions := []gitrepo.Addition{gitrepo.NewAddition(filename, content)}
filePath := additions[0].Path

NewFileContentDetector().Test(additions, TalismanRCIgnore{}, results)
expectedMessage := fmt.Sprintf("Expected file to not to contain base64 encoded texts such as: %s", jwt)
assert.True(t, results.HasFailures(), "Expected file to not to contain base64 encoded texts")
assert.Equal(t, expectedMessage, getFailureMessages(results, filePath)[0])
assert.Len(t, results.Results, 1)
}

func TestShouldFlagPotentialSecretsWithinJavaCode(t *testing.T) {
@@ -87,9 +95,13 @@ func TestShouldFlagPotentialSecretsWithinJavaCode(t *testing.T) {
content := []byte(dangerousJavaCode)
filename := "filename"
additions := []gitrepo.Addition{gitrepo.NewAddition(filename, content)}
filePath := additions[0].Path

NewFileContentDetector().Test(additions, TalismanRCIgnore{}, results)
expectedMessage := "Expected file to not to contain base64 encoded texts such as: accessKey=\"wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY\";"
assert.True(t, results.HasFailures(), "Expected file to not to contain base64 encoded texts")
assert.Equal(t, expectedMessage, getFailureMessages(results, filePath)[0])
assert.Len(t, results.Results, 1)
}

func TestShouldNotFlagPotentialSecretsWithinSafeJavaCode(t *testing.T) {
@@ -125,6 +137,7 @@ func TestShouldFlagPotentialSecretsEncodedInHex(t *testing.T) {
NewFileContentDetector().Test(additions, TalismanRCIgnore{}, results)
expectedMessage := "Expected file to not to contain hex encoded texts such as: " + hex
assert.Equal(t, expectedMessage, getFailureMessages(results, filePath)[0])
assert.Len(t, results.Results, 1)
}

func TestResultsShouldContainHexTextsIfHexAndBase64ExistInFile(t *testing.T) {
@@ -141,6 +154,7 @@ func TestResultsShouldContainHexTextsIfHexAndBase64ExistInFile(t *testing.T) {
expectedMessage := "Expected file to not to contain hex encoded texts such as: " + hex
messageReceived := strings.Join(getFailureMessages(results, filePath), " ")
assert.Regexp(t, expectedMessage, messageReceived, "Should contain hex detection message")
assert.Len(t, results.Results, 1)
}

func TestResultsShouldContainBase64TextsIfHexAndBase64ExistInFile(t *testing.T) {
@@ -157,6 +171,7 @@ func TestResultsShouldContainBase64TextsIfHexAndBase64ExistInFile(t *testing.T)
expectedMessage := "Expected file to not to contain base64 encoded texts such as: " + base64
messageReceived := strings.Join(getFailureMessages(results, filePath), " ")
assert.Regexp(t, expectedMessage, messageReceived, "Should contain base64 detection message")
assert.Len(t, results.Results, 1)
}

func TestResultsShouldContainCreditCardNumberIfCreditCardNumberExistInFile(t *testing.T) {
@@ -170,6 +185,7 @@ func TestResultsShouldContainCreditCardNumberIfCreditCardNumberExistInFile(t *te
NewFileContentDetector().Test(additions, TalismanRCIgnore{}, results)
expectedMessage := "Expected file to not to contain credit card numbers such as: " + creditCardNumber
assert.Equal(t, expectedMessage, getFailureMessages(results, filePath)[0])
assert.Len(t, results.Results, 1)
}

func getFailureMessages(results *DetectionResults, filePath gitrepo.FilePath) []string {
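Review bot: In TestShouldFlagPotentialAWSSecretKeys, TestShouldFlagPotentialJWT and TestShouldFlagPotentialSecretsWithinJavaCode the new `getFailureMessages(results, filePath)[0]` is still evaluated after `assert.True(t, results.HasFailures(), ...)` has failed, because `assert` records the failure and carries on. If the detector stops flagging the secret, the test would then most likely abort with an index-out-of-range panic rather than report the missed detection (getFailureMessages' body is outside the visible hunks, so this is inferred from its `[]string` return type). Guarding the index keeps the failure readable: `msgs := getFailureMessages(results, filePath)` followed by `if assert.NotEmpty(t, msgs) { assert.Equal(t, expectedMessage, msgs[0]) }`. The added `assert.Len(t, results.Results, 1)` lines would also benefit from a one-line comment saying which regression they pin, presumably an extra result recorded for the zero value read from a closed channel.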
10 changes: 8 additions & 2 deletions detector/pattern_detector.go
@@ -44,11 +44,17 @@ func (detector PatternDetector) Test(additions []gitrepo.Addition, ignoreConfig
for ignoredChanHasMore, matchChanHasMore := true, true; ignoredChanHasMore || matchChanHasMore; {
select {
case match, hasMore := <-matches:
if !hasMore {
matchChanHasMore = false
continue
}
detector.processMatch(match, result)
matchChanHasMore = hasMore
case ignore, hasMore := <-ignoredFilePaths:
if !hasMore {
ignoredChanHasMore = false
continue
}
detector.processIgnore(ignore, result)
ignoredChanHasMore = hasMore
}
}
}
1 change: 1 addition & 0 deletions detector/pattern_detector_test.go
@@ -39,6 +39,7 @@ func shouldPassDetectionOfSecretPattern(filename string, content []byte, t *test
NewPatternDetector().Test(additions, TalismanRCIgnore{}, results)
expected := "Potential secret pattern : " + string(content)
assert.Equal(t, expected, getFailureMessage(results, additions))
assert.Len(t, results.Results, 1)
}

func getFailureMessage(results *DetectionResults, additions []gitrepo.Addition) string {
5 changes: 2 additions & 3 deletions gitrepo/gitrepo.go
@@ -92,14 +92,13 @@ func (repo GitRepo) GetDiffForStagedFiles() []Addition {
stagedChanges := repo.extractAdditions(additionContentBuffer.String())
if stagedChanges != nil {
addition := NewAddition(additionFilename, stagedChanges)
result = append(
result, addition,
)
result = append(result, addition)
}

log.WithFields(log.Fields{
"additions": result,
}).Debug("Generating staged additions.")

return result
}

3 changes: 1 addition & 2 deletions go.mod
@@ -10,8 +10,7 @@ require (
github.com/mattn/go-colorable v0.1.2 // indirect
github.com/mattn/go-runewidth v0.0.4 // indirect
github.com/mattn/goveralls v0.0.3 // indirect
github.com/mitchellh/gox v0.4.0 // indirect
github.com/mitchellh/iochan v1.0.0 // indirect
github.com/mitchellh/gox v1.0.1 // indirect
github.com/olekukonko/tablewriter v0.0.1
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/spf13/pflag v1.0.3
3 changes: 3 additions & 0 deletions go.sum
@@ -11,6 +11,7 @@ github.com/drhodes/golorem v0.0.0-20120624033213-6e38d8d5e455/go.mod h1:NsKVpF4h
github.com/fatih/color v1.0.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
github.com/fatih/color v1.7.0 h1:DkWD4oS2D8LGGgTQ6IvwJJXSL5Vp2ffcQg58nFV38Ys=
github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
github.com/hashicorp/go-version v1.0.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
github.com/mattn/go-colorable v0.1.2 h1:/bC9yWikZXAL9uJdulbSfyVNIR3n3trXl+v8+1sx8mU=
github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
github.com/mattn/go-isatty v0.0.8 h1:HLtExJ+uU2HOZ+wI0Tt5DtUDrx8yhUqDcp7fYERX4CE=
@@ -21,6 +22,8 @@ github.com/mattn/goveralls v0.0.3 h1:GnFhBAK0wJmxZBum88FqDzcDPLjAk9sL0HzhmW+9bo8
github.com/mattn/goveralls v0.0.3/go.mod h1:8d1ZMHsd7fW6IRPKQh46F2WRpyib5/X4FOpevwGNQEw=
github.com/mitchellh/gox v0.4.0 h1:lfGJxY7ToLJQjHHwi0EX6uYBdK78egf954SQl13PQJc=
github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg=
github.com/mitchellh/gox v1.0.1 h1:x0jD3dcHk9a9xPSDN6YEL4xL6Qz0dvNYm8yZqui5chI=
github.com/mitchellh/gox v1.0.1/go.mod h1:ED6BioOGXMswlXa2zxfh/xdd5QhwYliBFn9V18Ap4z4=
github.com/mitchellh/iochan v1.0.0 h1:C+X3KsSTLFVBr/tK1eYN/vs4rJcvsiLU338UhYPJWeY=
github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY=
github.com/olekukonko/tablewriter v0.0.1 h1:b3iUnf1v+ppJiOfNX4yxxqfWKMQPZR5yoh8urCTFX88=