From 706b591462212611c6418c341347e05ee97a4254 Mon Sep 17 00:00:00 2001
From: Carlos Bustillo <20931458+carlosbustillordguez@users.noreply.github.com>
Date: Mon, 5 Dec 2022 18:50:51 +0100
Subject: [PATCH] feat: add whitelist support for detect-privat-key hook
---
 README.md | 8 ++++++++
 pre_commit_hooks/detect_private_key.py | 12 +++++++++++-
 2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 9aa966d..9140b71 100644
--- a/README.md
+++ b/README.md
@@ -108,6 +108,14 @@ The following arguments are available:
 #### `detect-private-key`
 Checks for the existence of private keys.
+The following arguments are available:
+- `--whitelist` - the filename with with the files (relative path) to whitelist. For example:
+
+ ```yaml
+ - id: detect-private-key
+ args: [--whitelist=.detect-private-key.whitelist]
+ ```
+
 #### `double-quote-string-fixer`
 This hook replaces double quoted strings with single quoted strings.
diff --git a/pre_commit_hooks/detect_private_key.py b/pre_commit_hooks/detect_private_key.py
index cd51f90..87d8a8a 100644
--- a/pre_commit_hooks/detect_private_key.py
+++ b/pre_commit_hooks/detect_private_key.py
@@ -20,14 +20,24 @@ BLACKLIST = [
 def main(argv: Sequence[str] | None = None) -> int:
 parser = argparse.ArgumentParser()
 parser.add_argument('filenames', nargs='*', help='Filenames to check')
+ parser.add_argument(
+ '--whitelist',
+ help='The filename with with the files (relative path) to whitelist',
+ )
 args = parser.parse_args(argv)
 private_key_files = []
+ whitelisted_files = ''
+
+ if args.whitelist:
+ with open(args.whitelist) as f:
+ whitelisted_files = f.read()
 for filename in args.filenames:
 with open(filename, 'rb') as f:
 content = f.read()
- if any(line in content for line in BLACKLIST):
+ if any(line in content for line in BLACKLIST) \
+ and filename not in whitelisted_files:
 private_key_files.append(filename)
 if private_key_files:
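Review bot: The new condition `filename not in whitelisted_files` in the scan loop is a substring test against the whole allowlist file read as one string, not a per-entry comparison, so a path that merely occurs inside a listed entry (constructed example: `key.pem` when `tests/key.pem` is listed) is skipped as well and a real key under that name would pass the hook. Load exact entries instead: initialise `whitelisted_files = set()` and fill it with `whitelisted_files = {line.strip() for line in f if line.strip()}`, which leaves the membership test in the loop unchanged but makes it exact. The match is still on the literal path string, so entries have to be written the way the hook receives filenames; the `--whitelist` help text, which currently repeats "with", is the natural place to say so. The diffstat shows no test file in this commit, and a case asserting that a non-listed file containing a key is still reported when an allowlist is supplied would pin this behaviour. `main` continues past the end of the hunk.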