Merge pull request #450 from begoon/master

Skip empty key variables in detect_aws_credentials
2026-03-29 10:16:52 +00:00 · 2020-02-13 09:18:39 -08:00 · 2020-02-13 09:18:39 -08:00 · 45cb6a35b7
commit 45cb6a35b7
parent a18c5af5d4 b3a28deca7
2 changed files with 3 additions and 1 deletions
--- a/pre_commit_hooks/detect_aws_credentials.py
+++ b/pre_commit_hooks/detect_aws_credentials.py
@ -31,7 +31,7 @@ def get_aws_secrets_from_env() -> Set[str]:
    for env_var in (
        'AWS_SECRET_ACCESS_KEY', 'AWS_SECURITY_TOKEN', 'AWS_SESSION_TOKEN',
    ):
-        if env_var in os.environ:
+        if os.environ.get(env_var):
            keys.add(os.environ[env_var])
    return keys

--- a/tests/detect_aws_credentials_test.py
+++ b/tests/detect_aws_credentials_test.py
@ -47,6 +47,8 @@ def test_get_aws_credentials_file_from_env(env_vars, values):
        ({'AWS_SECRET_ACCESS_KEY': 'foo'}, {'foo'}),
        ({'AWS_SECURITY_TOKEN': 'foo'}, {'foo'}),
        ({'AWS_SESSION_TOKEN': 'foo'}, {'foo'}),
+        ({'AWS_SESSION_TOKEN': ''}, set()),
+        ({'AWS_SESSION_TOKEN': 'foo', 'AWS_SECURITY_TOKEN': ''}, {'foo'}),
        ({'AWS_DUMMY_KEY': 'foo', 'AWS_SECRET_ACCESS_KEY': 'bar'}, {'bar'}),
        (
            {'AWS_SECRET_ACCESS_KEY': 'foo', 'AWS_SECURITY_TOKEN': 'bar'},