Merge pull request #76 from chriskuehl/private-key-print-only-filename

detect_private_key: print *filenames*, not the key
2026-04-07 04:26:52 +00:00 · 2015-08-01 20:08:17 -04:00 · 2015-08-01 20:08:17 -04:00 · 003e43251a
commit 003e43251a
parent 5dd2605fbe ca2be345a1
2 changed files with 11 additions and 5 deletions
--- a/pre_commit_hooks/detect_private_key.py
+++ b/pre_commit_hooks/detect_private_key.py
@ -3,6 +3,12 @@ from __future__ import print_function
 import argparse
 import sys
 BLACKLIST = [
    b'BEGIN RSA PRIVATE KEY',
    b'BEGIN DSA PRIVATE KEY',
    b'BEGIN EC PRIVATE KEY',
 ]
 def detect_private_key(argv=None):
    parser = argparse.ArgumentParser()
@ -12,11 +18,10 @@ def detect_private_key(argv=None):
    private_key_files = []
    for filename in args.filenames:
-        content = open(filename, 'rb').read()
+        with open(filename, 'rb') as f:
-        if b'BEGIN RSA PRIVATE KEY' in content:
+            content = f.read()
-            private_key_files.append(content)
+            if any(line in content for line in BLACKLIST):
-        if b'BEGIN DSA PRIVATE KEY' in content:
+                private_key_files.append(filename)
            private_key_files.append(content)
    if private_key_files:
        for private_key_file in private_key_files:
--- a/tests/detect_private_key_test.py
+++ b/tests/detect_private_key_test.py
@ -8,6 +8,7 @@ from pre_commit_hooks.detect_private_key import detect_private_key
 TESTS = (
    (b'-----BEGIN RSA PRIVATE KEY-----', 1),
    (b'-----BEGIN DSA PRIVATE KEY-----', 1),
    (b'-----BEGIN EC PRIVATE KEY-----', 1),
    (b'ssh-rsa DATA', 0),
    (b'ssh-dsa DATA', 0),
    # Some arbitrary binary data