Yelp / detect-secrets

An enterprise friendly way of detecting and preventing secrets in code.
Apache License 2.0

detect-secrets not identifying all the secret occurrences in a file #493

Open reddybhaskarvengala opened 2 years ago

reddybhaskarvengala commented 2 years ago

If the secret is written into a file at multiple locations, only the first one is identified by detect-secrets. The remaining instances are not reported by detect-secrets.

Example code in demo.txt

  1. secret="abcd"
  2. random code
  3. secret="abcd"

Now run the detect-secrets scan on the above file and observe that the issue is reported only at line 1 and is not reported at line 3.

reddybhaskarvengala commented 1 year ago

Hi @lorenzodb1 any update on this?

geekNero commented 1 year ago

Hey, this is mentioned in the docs. To avoid this you can do the following: go to detect-secrets/detect_secrets/core/potential_secret.py, line 53, where you'll find a list. In that list add another field, "line_number". So it should look something like this: self.fields_to_compare = ['filename', 'secret_hash', 'type', 'line_number']
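To illustrate why that change makes the second occurrence show up, here is an added example (not code from detect-secrets itself). It assumes findings are collected in a set whose equality and hash are driven by a fields_to_compare list, as in the comment above; ToySecret, scan_text, reported_lines and the keyword regex are constructed for this example only.

```python
import hashlib
import re
from typing import List, Set

# Constructed sample file contents, mirroring demo.txt from the issue.
DEMO_TXT = 'secret="abcd"\nrandom code\nsecret="abcd"\n'

class ToySecret:
    """Hypothetical, simplified stand-in for a detected secret. Equality and
    hashing are driven by fields_to_compare, the list the comment proposes changing."""

    def __init__(self, filename: str, secret_type: str, secret: str,
                 line_number: int, fields_to_compare: List[str]) -> None:
        self.filename = filename
        self.type = secret_type
        # Store a digest rather than the plaintext, as a baseline would.
        self.secret_hash = hashlib.sha256(secret.encode()).hexdigest()
        self.line_number = line_number
        self.fields_to_compare = fields_to_compare

    def _key(self) -> tuple:
        return tuple(getattr(self, f) for f in self.fields_to_compare)

    def __eq__(self, other: object) -> bool:
        return isinstance(other, ToySecret) and self._key() == other._key()

    def __hash__(self) -> int:
        return hash(self._key())

# Constructed pattern standing in for a keyword detector: matches secret="...".
KEYWORD_RE = re.compile(r'secret\s*=\s*"([^"]+)"')

def scan_text(filename: str, text: str, fields_to_compare: List[str]) -> Set[ToySecret]:
    """Scan line by line into a set. set.add() keeps the first element and drops
    later ones that compare equal, so the outcome depends on fields_to_compare."""
    found: Set[ToySecret] = set()
    for lineno, line in enumerate(text.splitlines(), start=1):
        match = KEYWORD_RE.search(line)
        if match:
            found.add(ToySecret(filename, "Keyword", match.group(1), lineno, fields_to_compare))
    return found

def reported_lines(text: str, fields_to_compare: List[str]) -> List[int]:
    """Sorted line numbers that would be reported for demo.txt."""
    return sorted(s.line_number for s in scan_text("demo.txt", text, fields_to_compare))

# Comparing only these fields collapses both occurrences into the line-1 finding.
DEFAULT_FIELDS = ["filename", "secret_hash", "type"]
# Adding line_number makes each occurrence distinct, so lines 1 and 3 are both reported.
PER_LINE_FIELDS = DEFAULT_FIELDS + ["line_number"]
```

Note that with the default fields the line-3 occurrence is silently dropped at collection time, so no later filtering step can bring it back.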

a-weiss-programmer commented 11 months ago

I'm running into this issue as well.

Would it be worth adding a command line flag/programmatic setting of this behavior?

geekNero commented 11 months ago

I'll give it a go, but the devs have been inactive for a while, so I doubt they'll accept it. Still, I'll drop the link to my forked repository.

lorenzodb1 commented 10 months ago

Hello everyone, apologies for the delayed reply. I've gathered some context around this issue and it turns out that this is actually a feature ™. Jokes aside, the idea behind this is that if detect-secrets flags a secret in a file, a developer would look for other instances of the same secret in it. Now, I personally do like the idea of flagging all instances, but the change is not trivial. #527 would help a lot, and I'm pushing for it to be merged as soon as possible. In the meantime, forgive us and stay tuned for more updates :)

reddybhaskarvengala commented 10 months ago

Hi @lorenzodb1 thank you for the update.