Closed carhartl closed 3 months ago
Hi, have you found any solution? Thanks!
@carhartl I took your reproduction case and validated that with my patch submitted in #459 it outputs the expected result and an exit code of 0. There's a bit of nuance in that it WILL report it as "low" but won't fail the build by returning an exit code != 0, which is the behavior I would want and what seems to be supported by the tool after this patch.
Thank you for having a succinct test case I could use (in addition to my own).
❯ cat .talismanrc
custom_severities:
- detector: HexContent
  severity: low
threshold: medium
❯ echo "refs/heads/main HEAD refs/heads/main HEAD^1" | ../dist/talisman --githook pre-push
Talisman Scan: 3 / 3 <----------------------------------------------------------------------------------------------------------------------------------------------------------> 100.00%
Talisman Warnings:
+-----------------+----------------------------------------------------+----------+
| FILE | WARNINGS | SEVERITY |
+-----------------+----------------------------------------------------+----------+
| testing/foo.txt | Expected file to not contain | low |
| | hex encoded texts such as: | |
| | 5ba6ef628df0b7c21e8d6bf6235d32914effa0d0de62d8e... | |
+-----------------+----------------------------------------------------+----------+
Please review the above file(s) to make sure that no sensitive content is being pushed
Talisman done in 33.960458ms
talisman/testing on testing [$!?]
❯ echo $status
0
@lizc126 When #459 is reviewed and merged it will work.
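The behaviour reported in the comment above (a finding overridden to `low` is still listed, but stays under a `medium` threshold and leaves the exit code at 0) can be modelled as follows. This is an added sketch, not Talisman's source or the patch in #459; the type and function names are hypothetical, the `High` default for `HexContent` is an assumed value, and "at or above the threshold fails" is the assumed gating rule.

```go
package main

import "fmt"

// Severity levels are ordered so they can be compared with the threshold.
type Severity int

const (
	Low Severity = iota + 1
	Medium
	High
)

// Config mirrors the two .talismanrc keys shown in the thread.
type Config struct {
	CustomSeverities map[string]Severity // detector name -> overridden severity
	Threshold        Severity
}

// Detection is one finding; Default is the detector's built-in severity
// (the value used in main is assumed for this sketch).
type Detection struct {
	File, Detector string
	Default        Severity
}

// Effective returns the custom severity for the detector if one is set.
func (c Config) Effective(d Detection) Severity {
	if s, ok := c.CustomSeverities[d.Detector]; ok {
		return s
	}
	return d.Default
}

// Gate keeps every detection visible, but only those at or above the
// threshold count as failures and produce a non-zero exit code.
func Gate(c Config, ds []Detection) (warnings, failures []Detection, exitCode int) {
	for _, d := range ds {
		if c.Effective(d) >= c.Threshold {
			failures = append(failures, d)
		} else {
			warnings = append(warnings, d)
		}
	}
	if len(failures) > 0 {
		exitCode = 1
	}
	return warnings, failures, exitCode
}

func main() {
	// Constructed finding matching the file name in the output above.
	ds := []Detection{{File: "testing/foo.txt", Detector: "HexContent", Default: High}}
	cfg := Config{CustomSeverities: map[string]Severity{"HexContent": Low}, Threshold: Medium}
	w, f, code := Gate(cfg, ds)
	fmt.Printf("override honoured: warnings=%d failures=%d exit=%d\n", len(w), len(f), code)
	w, f, code = Gate(Config{Threshold: Medium}, ds) // override not applied
	fmt.Printf("override ignored:  warnings=%d failures=%d exit=%d\n", len(w), len(f), code)
}
```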
Describe the bug
I don't seem to be able to make use of custom severities when using talisman within a pre-push hook.
To Reproduce
Steps to reproduce the behavior:
(Mimicking a pre-push hook in the last command.)
Output:
Expected behavior
Talisman does not report hex encoded text with high severity, no detections should have been reported respecting the threshold.
Environment: