thoughtworks / talisman

Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and private keys.
https://thoughtworks.github.io/talisman/
MIT License

#416 Fix - Files of the same name in sub-folders will be considered a… #455

Open deepthirera opened 2 months ago

deepthirera commented 2 months ago

This PR fixes #416. The issue happens when the repo has multiple files of the same name in different directories. This is because, in various scenarios, a function in gitrepo.go checks if a file matches a pattern:

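```go
func (a Addition) Matches(pattern string) bool {
	var result bool
	if pattern[len(pattern)-1] == '/' {
		// Trailing '/': prefix match on the full path
		result = strings.HasPrefix(string(a.Path), pattern)
	} else if strings.ContainsRune(pattern, '/') {
		// Contains '/': glob match on the full path
		result, _ = path.Match(pattern, string(a.Path))
	} else {
		// No '/': glob match on the file name only
		result, _ = path.Match(pattern, string(a.Name))
	}
	return result
}
```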

The last condition matches against the file name `a.Name` and hence it considers both "readme.md" and "sub-folder/readme.md" as the same. Both these files are considered the same, but the checksums are different.

So, even if a readme.md is already ignored in .talismanrc, the checksum doesn't match with the file in sub-folder. Hence talisman suggests the same suggestion that is already in talismanrc.

With this fix, in addition to the existing pattern matches, we have a new match that does a string compare of the filepath and the given pattern as the final default. With this, all these patterns are allowed: sub-folder/, sub-folder/, .txt, sub-folder/readme.md, readme.md (this one alone is matched exactly with the file name).
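The over-match described in the comment above can be reproduced in isolation. This is an added example, not code from the PR or from talisman: `matchesBefore` copies the three quoted branches onto plain strings (assuming `a.Name` is the base name of `a.Path`), and `matchesExactFirst` is a hypothetical reading of the fix in which a pattern with no `/` and no glob character is compared against the whole path.

```go
package main

import (
	"fmt"
	"path"
	"strings"
)

// matchesBefore mirrors the three branches quoted in the PR description,
// using a plain string path; path.Base stands in for a.Name (assumption).
func matchesBefore(filePath, pattern string) bool {
	if pattern == "" {
		return false // guard added for this example; the quoted code indexes the pattern directly
	}
	var result bool
	if pattern[len(pattern)-1] == '/' {
		result = strings.HasPrefix(filePath, pattern)
	} else if strings.ContainsRune(pattern, '/') {
		result, _ = path.Match(pattern, filePath)
	} else {
		// Base-name match: "readme.md" also matches "sub-folder/readme.md".
		result, _ = path.Match(pattern, path.Base(filePath))
	}
	return result
}

// matchesExactFirst is a hypothetical variant (not the PR's diff): a pattern
// with no '/' and no glob metacharacter must equal the whole path.
func matchesExactFirst(filePath, pattern string) bool {
	if pattern != "" && !strings.ContainsAny(pattern, "/*?[") {
		return filePath == pattern
	}
	return matchesBefore(filePath, pattern)
}

func main() {
	// Constructed sample paths and ignore patterns.
	paths := []string{"readme.md", "sub-folder/readme.md", "sub-folder/notes.txt"}
	patterns := []string{"readme.md", "sub-folder/readme.md", "sub-folder/", "*.txt"}
	for _, pat := range patterns {
		for _, p := range paths {
			fmt.Printf("pattern=%-22q path=%-24q before=%-5v exact=%v\n",
				pat, p, matchesBefore(p, pat), matchesExactFirst(p, pat))
		}
	}
}
```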