fix(scan): path should not ignore not added files even when running o…

…n a git repository - Also add a few excluded by default as they are not ignored in a non git context
GitGuardian · Oct 15, 2021 · 0df0e2f · 0df0e2f
1 parent 8990fda
commit 0df0e2f
Show file tree

Hide file tree

Showing 4 changed files with 42 additions and 3 deletions.
diff --git a/ggshield/dev_scan.py b/ggshield/dev_scan.py
@@ -163,6 +163,8 @@ def path_cmd(
             recursive=recursive,
             yes=yes,
             verbose=config.verbose,
+            # when scanning a path explicitly we should not care if it is a git repository or not
+            ignore_git=True,
         )
         results = files.scan(
             client=ctx.obj["client"],

diff --git a/ggshield/path.py b/ggshield/path.py
@@ -19,6 +19,7 @@ def get_files_from_paths(
     recursive: bool,
     yes: bool,
     verbose: bool,
+    ignore_git: bool = False,
 ) -> Files:
     """
     Create a scan object from files content.
@@ -28,8 +29,9 @@ def get_files_from_paths(
     :param recursive: Recursive option
     :param yes: Skip confirmation option
     :param verbose: Option that displays filepaths as they are scanned
+    :param ignore_git: Ignore that the folder is a git repository
     """
-    filepaths = get_filepaths(paths, paths_ignore, recursive)
+    filepaths = get_filepaths(paths, paths_ignore, recursive, ignore_git=ignore_git)
     files = list(generate_files_from_paths(filepaths, verbose))
 
     if verbose:
@@ -46,13 +48,17 @@ def get_files_from_paths(
 
 
 def get_filepaths(
-    paths: Union[List, str], paths_ignore: Iterable[str], recursive: bool
+    paths: Union[List, str],
+    paths_ignore: Iterable[str],
+    recursive: bool,
+    ignore_git: bool,
 ) -> Set[str]:
     """
     Retrieve the filepaths from the command.
 
     :param paths: List of file/dir paths from the command
     :param recursive: Recursive option
+    :param ignore_git: Ignore that the folder is a git repository
     :raise: click.FileError if directory is given without --recursive option
     """
     targets = set()
@@ -66,7 +72,7 @@ def get_filepaths(
                 )
             top_dir = Path(path)
 
-            if is_git_dir(path):
+            if is_git_dir(path) and not ignore_git:
                 _targets = {os.path.join(path, target) for target in git_ls(path)}
             else:
                 _targets = {str(target) for target in top_dir.rglob(r"*")}

diff --git a/ggshield/utils.py b/ggshield/utils.py
@@ -34,6 +34,12 @@
 PRERECEIVE_TIMEOUT = 4.5
 
 IGNORED_DEFAULT_PATTERNS = [
+    "**/.git/**/*",
+    "**/.pytest_cache/**/*",
+    "**/.mypy_cache/**/*",
+    "**/.venv/**/*",
+    "**/.eggs/**/*",
+    "**/.eggs-info/**/*",
     "**/vendor/**/*",
     "**/vendors/**/*",
     "**/node_modules/**/*",

diff --git a/tests/test_cli.py b/tests/test_cli.py
@@ -435,3 +435,28 @@ def test_ignore_default_excludes_with_flag(cli_fs_runner):
         )
     assert result.exit_code == 1, "node_modules should not have been ignored"
     assert result.exception
+
+
+def test_scan_path_should_detect_non_git_files(cli_fs_runner):
+    """
+    GIVEN a path scan on a git repository
+    WHEN some files are not followed by git
+    THEN those files should still be picked on by ggshield for analysis
+    """
+    os.makedirs("git_repo")
+    os.system(
+        'echo "NPM_TOKEN=npm_xxxxxxxxxxxxxxxxxxxxxxxxxx" > git_repo/committed_file.js'
+    )
+    os.system("git init")
+    os.system("git add .")
+    os.system("git commit -m 'initial commit'")
+    os.system(
+        'echo "NPM_TOKEN=npm_xxxxxxxxxxxxxxxxxxxxxxxxxx" > git_repo/not_committed.js'
+    )
+
+    result = cli_fs_runner.invoke(cli, ["scan", "-v", "path", "--recursive", "."])
+    assert all(
+        string in result.output
+        for string in ["Do you want to continue", "not_committed"]
+    ), "not_committed files not should have been ignored"
+    assert result.exception is None