detect-secrets not identifying all the secret occurrences in a file #493

Open
reddybhaskarvengala opened this issue Nov 19, 2021 · 6 comments
Labels
enhancement The issue is related to improving a certain aspect of the project. triaged The issue has been reviewed but has not been solved yet.

Comments

@reddybhaskarvengala

If the secret is written into a file at multiple locations, only the first one is identified by detect-secrets. The remaining instances are not reported by detect-secrets.

Example code in demo.txt

  1. secret="abcd"
  2. random code
  3. secret="abcd"

Now run the detect-secrets scan on the above file and observe that the issue is reported only at line 1 and is not reported at line 3.

@lorenzodb1 lorenzodb1 added the pending The issue still needs to be reviewed by one of the maintainers. label Jun 15, 2022
@reddybhaskarvengala
Author

Hi @lorenzodb1 any update on this?

@geekNero

Hey, this is mentioned in the docs. To avoid this, you can do the following:
Go to detect-secrets/detect_secrets/core/potential_secret.py; on line number 53, you'll find a list. In that list, add another parameter, "line_number". So it should look something like this: self.fields_to_compare = ['filename', 'secret_hash', 'type', 'line_number']
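
The deduplication described in the comment above, as an added example that is not part of the thread and not detect-secrets code: a simplified model in which a finding's identity is the tuple of fields named in `fields_to_compare` and findings are collected in a set. The `Finding` class, the `scan` helper, the regex and the SHA-256 hash are assumptions made for illustration.

```python
import hashlib
import re

# Constructed sample: the demo.txt contents from the report above.
DEMO_TXT = 'secret="abcd"\nrandom code\nsecret="abcd"\n'

# Hypothetical stand-in for a detector plugin; not a detect-secrets regex.
ASSIGNMENT = re.compile(r'secret="([^"]+)"')

# The field list from the comment above, without and with "line_number".
DEFAULT_FIELDS = ["filename", "secret_hash", "type"]
PER_LINE_FIELDS = DEFAULT_FIELDS + ["line_number"]


class Finding:
    """Simplified model: identity is the tuple of fields in fields_to_compare."""

    def __init__(self, filename, secret, line_number, fields_to_compare):
        self.filename = filename
        self.type = "Secret Keyword"  # constructed label for this model
        # Keep only a hash of the value (SHA-256 is this example's choice).
        self.secret_hash = hashlib.sha256(secret.encode()).hexdigest()
        self.line_number = line_number
        self.fields_to_compare = fields_to_compare

    def _key(self):
        return tuple(getattr(self, name) for name in self.fields_to_compare)

    def __eq__(self, other):
        return isinstance(other, Finding) and self._key() == other._key()

    def __hash__(self):
        return hash(self._key())


def scan(text, filename, fields_to_compare):
    """Return the sorted line numbers that survive set-based deduplication."""
    findings = set()
    for line_number, line in enumerate(text.splitlines(), start=1):
        match = ASSIGNMENT.search(line)
        if match:
            # set.add keeps the element already present, so the first line wins.
            findings.add(Finding(filename, match.group(1), line_number, fields_to_compare))
    return sorted(finding.line_number for finding in findings)


if __name__ == "__main__":
    print(scan(DEMO_TXT, "demo.txt", DEFAULT_FIELDS))
    print(scan(DEMO_TXT, "demo.txt", PER_LINE_FIELDS))
```

With the three default fields the two identical assignments collapse into the line 1 finding; adding `line_number` to the identity keeps both lines.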

@a-weiss-programmer

I'm running into this issue as well.

Would it be worth adding a command line flag/programmatic setting of this behavior?

@geekNero

I'll give it a go, but the devs have been inactive for a while, so I doubt they'll accept it. Still, I'll drop the link to my forked repository.

@lorenzodb1
Member

Hello everyone, apologies for the delayed reply. I've gathered some context around this issue and it turns out that this is actually a feature ™. Jokes aside, the idea behind this is that if detect-secrets flags a secret in a file, a developer would look for other instances of the same secret in it. Now, I personally do like the idea of flagging all instances, but the change is not trivial. #527 would help a lot, and I'm pushing for it to be merged as soon as possible. In the meantime, forgive us and stay tuned for more updates :)

@reddybhaskarvengala
Author

Hi @lorenzodb1 thank you for the update.

@lorenzodb1 lorenzodb1 added triaged The issue has been reviewed but has not been solved yet. enhancement The issue is related to improving a certain aspect of the project. and removed pending The issue still needs to be reviewed by one of the maintainers. labels May 16, 2024