From 2a384dd8b8a25fcd5f14a3ca3a28403d95568ca6 Mon Sep 17 00:00:00 2001 From: Matt Gaspar <79115783+mgaspar-godaddy@users.noreply.github.com> Date: Tue, 16 Aug 2022 16:35:47 -0700 Subject: [PATCH] Output reasons for signatures in verbose mode Potential fix for Issue #342 --- tartufo/scanner.py | 13 +++++++------ tartufo/util.py | 4 ++-- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/tartufo/scanner.py b/tartufo/scanner.py index 7288f9fb..d0ca5794 100755 --- a/tartufo/scanner.py +++ b/tartufo/scanner.py @@ -384,21 +384,21 @@ def excluded_signatures(self) -> Tuple[str, ...]: :returns: The signatures to be excluded from scan results """ if self._excluded_signatures is None: - signatures: Set[str] = set() + signatures: Set[Dict[str, str]] = [] deprecated = False for signature in tuple( self.global_options.exclude_signatures or [] ) + tuple(self.config_data.get("exclude_signatures", [])): if isinstance(signature, dict): try: - signatures.add(signature["signature"]) + signatures.append(signature) except KeyError as exc: raise types.ConfigException( "Required key signature missing in exclude-signatures" ) from exc elif isinstance(signature, str): deprecated = True - signatures.add(signature) + signatures.append({"signature": signature}) else: raise types.ConfigException( f"{type(signature).__name__} signature is illegal in exclude-signatures" @@ -411,7 +411,7 @@ def excluded_signatures(self) -> Tuple[str, ...]: "reason of excluding the signature'}]", DeprecationWarning, ) - self._excluded_signatures = tuple(signatures) + self._excluded_signatures = list(signatures) return self._excluded_signatures def signature_is_excluded(self, blob: str, file_path: str) -> bool: @@ -420,10 +420,11 @@ def signature_is_excluded(self, blob: str, file_path: str) -> bool: :param blob: The piece of data which is being scanned :param file_path: The path and file name for the data being scanned """ + signature = [str(excluded_signature["signature"]) for excluded_signature in self.excluded_signatures] return ( blob - in self.excluded_signatures # Signatures themselves pop up as entropy matches - or util.generate_signature(blob, file_path) in self.excluded_signatures + in signature # Signatures themselves pop up as entropy matches + or util.generate_signature(blob, file_path) in signature ) @staticmethod diff --git a/tartufo/util.py b/tartufo/util.py index 014cfc62..5f9b4a7e 100644 --- a/tartufo/util.py +++ b/tartufo/util.py @@ -72,7 +72,7 @@ def echo_result( "output_dir": str(output_dir) if output_dir else None, "excluded_paths": [str(path.pattern) for path in scanner.excluded_paths], "excluded_signatures": [ - str(signature) for signature in scanner.excluded_signatures + str(signature["signature"]) for signature in scanner.excluded_signatures ], "exclude_entropy_patterns": [ str(pattern) for pattern in options.exclude_entropy_patterns @@ -112,7 +112,7 @@ def echo_result( click.echo("\nExcluded paths:") click.echo("\n".join([str(path) for path in scanner.excluded_paths])) click.echo("\nExcluded signatures:") - click.echo("\n".join(scanner.excluded_signatures)) + click.echo("\n".join([str(signature) for signature in scanner.excluded_signatures])) click.echo("\nExcluded entropy patterns:") click.echo("\n".join(str(path) for path in scanner.excluded_entropy))