-
Notifications
You must be signed in to change notification settings - Fork 481
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add a (b)ack option to 'Is this a valid secret?' Closes Issue #63 #72
Conversation
.gitignore
Outdated
@@ -1,6 +1,7 @@ | |||
*.egg-info | |||
*.py[co] | |||
*.sw[op] | |||
.secrets.baseline |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
.secrets.baseline
felt like it should only be in a local copy. I might be mistaken.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ahh, that is confusing, sorry about that, it is purposefully meant to be included in the Git repo though.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, I re-added it :)
That's really awesome :D 🎈 🍰 🎉 I'll get back to you on Tuesday or Wednesday with possible implementation preferences. |
next call of `__next__` would look like. Does not work properly yet (can only step back if last choice was `s` and counter at top does not decrease properly.
… to check how to do this properly)
Bidirectional iterator looks good! Looking forward to tests! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great so far 👍
raise StopIteration | ||
return result | ||
|
||
def next(self): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nit: Looping should call the 👍__next__
method directly, so no need for a next
method
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I added next
to be python2 compatible (it was renamed form next
to __next__
from python2 to 3).
However, this does not feel very clean - perhaps you know of a better way? :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Aha! Very good point, I only tested on Python 3. My bad. I am impressed by how thorough you are 👍
Is there an assumption that secrets in the results of the baseline are in a fixed order? (I mean the lists |
@cleborys: currently, no there isn't. It's a Python dictionary for O(1) access by filename (and because the JSON dump is human readable), but that means key iteration cannot be depended on for order. It's a good point though -- and would simplify testing and other logic. Maybe you would like to work on it as a next PR? =D If we sort the keys before iterating through it, that should fix stuff. |
@domanchi Sorry, I am a bit confused 😅 Currently the audit iterates over all secrets and automatically skips these that already had the I am not completely confident that that would work as stated, because simply removing the "has |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 🚢 , thanks a bunch for making this 😁
@KevinHock Thanks :) But it is not yet functional! Only the framework with the new iterator works yet, so don't merge 😉 (I don't really know the etiquette yet - I made a pull request already so that you can see whats happening, but I wouldn't remove the [WIP] tag in the title until it is functional and I think I'm done. So I hope your approval doesn't mean that you intend to merge) |
@cleborys, ah, I understand you better now. Yes, the secrets in the list are ordered. One benefit of this is comparing side by side diffs of baselines - and it's very easy to see the changes between iterations. You can quite easily see whether a secret has been removed, added, or appropriately labelled. By reordering the contents, it becomes that much harder to see differences, if applicable. For example, if you start the audit process with pre-existing audited secrets, but not perform any additional labelling, you would expect no changes to the baseline. If the goal is to allow the e.g. something like
|
@domanchi Cool, I will not mess around with the order then 😅 |
…d merged afterwards. Stepping back now functional.
It seems I had forgotten how Python works ("everything is a pointer") and in the end the necessary changes were much easier. The user decision loop now only loops over secrets which don't have the I expect that everything works as it should now, but I'll add some tests to make sure 😄 |
…. This enables going back and overriding a previous choice with 'skip'
Tests written and passing, manual sanity checks also successful! 🎉 🎈 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, gonna merge :D
Add going backwards option to 'Is this a valid secret?', closing Issue #63
This would be my first contribution to open source ever - thank you for the "good first issue" flag!
I have not yet figured out how to run the tests properly, else I would try to be test-driven.
The two directions I could see this go in are currently (preferences welcome):
_secret_generator
incore/audit.py
a list instead of a generator and handle indices inaudit_baseline
_secret_generator
to a "bidirectional iterator" object (still goes throughlist
). That adds some overhead, but keeps thefor ... in _secret_generator
ofaudit_baseline
and might makeaudit.py
more readable.