Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add exclude-entropy-patterns #192

Merged
merged 6 commits into from
Jun 15, 2021
Merged

feat: add exclude-entropy-patterns #192

merged 6 commits into from
Jun 15, 2021

Conversation

dclayton-godaddy
Copy link
Contributor

Add the ability to exclude entropy patterns. This will allow flagged entropy rules using regular expressions for all files or specific files.

To help us get this pull request reviewed and merged quickly, please be sure to include the following items:

  • Tests (if applicable)
  • Documentation (if applicable)
  • Changelog entry
  • A full explanation here in the PR description of the work done

PR Type

What kind of change does this PR introduce?

  • Bugfix
  • Feature
  • Code style update (formatting, local variables)
  • Refactoring (no functional changes, no api changes)
  • Build related changes
  • CI related changes
  • Documentation content changes
  • Tests
  • Other

Backward Compatibility

Is this change backward compatible with the most recently released version? Does it introduce changes which might change the user experience in any way? Does it alter the API in any way?

  • Yes (backward compatible)
  • No (breaking changes)

Issue Linking

What's new?

  • added exclude-entropy-patterns option

@dclayton-godaddy dclayton-godaddy requested a review from a team as a code owner June 11, 2021 14:29
@dclayton-godaddy dclayton-godaddy marked this pull request as draft June 11, 2021 14:42
@dclayton-godaddy dclayton-godaddy force-pushed the exclude-entropy branch 2 times, most recently from b7a9fe7 to 23e380d Compare June 11, 2021 17:10
@dclayton-godaddy
feat: add exclude-entropy-patterns
5d23f93 
Add the ability to exclude entropy patterns. This will allow flagged entropy rules using regular expressions for all files or specific files.
@dclayton-godaddy dclayton-godaddy marked this pull request as ready for review June 11, 2021 18:03
@dclayton-godaddy
Copy link
Contributor Author

ci / tox (windows-latest, 3.6) (pull_request)fails on main build as well. See https://github.com/godaddy/tartufo/runs/2805575957?check_suite_focus=true

@tarkatronic
Copy link
Contributor

ci / tox (windows-latest, 3.6) (pull_request)fails on main build as well. See https://github.com/godaddy/tartufo/runs/2805575957?check_suite_focus=true

This is unrelated to your changes. I've been doing some hunting and found tox-dev/tox#2077 and tox-dev/tox#1570. Unfortunately neither of those have a solution. But I have a suspicion as to what might be causing it; I added environment caching yesterday. The run that initially primed the cache passed, but subsequent runs have failed. I don't know why this would only trigger on windows/3.6, but I'm going to try digging into that separately.

With that in mind, I don't think we need to consider that a blocker for this PR.

tarkatronic
tarkatronic suggested changes Jun 11, 2021
View reviewed changes
Copy link
Contributor

@tarkatronic tarkatronic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is great! I love the new feature; this will be a huge help to our users.

I just have 2 small changes I flagged (and one that's more of a knowledge share than anything), and then we should be able to get this merged in!

tartufo/config.py Outdated Show resolved Hide resolved
tartufo/scanner.py Outdated Show resolved Hide resolved
tartufo/scanner.py Show resolved Hide resolved
rbailey-godaddy
rbailey-godaddy approved these changes Jun 14, 2021
View reviewed changes
Copy link
Contributor

@rbailey-godaddy rbailey-godaddy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks okay to me.

I spent a few minutes thinking about whether it is proper to limit these exclusions only to entropy-based detection, or if instead they should be allowed to apply to regex-based alerts as well. (i.e. basically --exclude-patterns instead of --exclude-entropy-patterns) I can't convince myself one way or the other is obviously better, so I'd vote for letting the proposed implementation stand.

sushantmimani
sushantmimani approved these changes Jun 15, 2021
View reviewed changes
Copy link
Contributor

@sushantmimani sushantmimani left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🦅

@tarkatronic tarkatronic merged commit 9f615d5 into godaddy:main Jun 15, 2021
@tarkatronic tarkatronic linked an issue Jun 15, 2021 that may be closed by this pull request
Regex-based Exclusions #87
Closed
@tarkatronic tarkatronic mentioned this pull request Jun 15, 2021
Closed
@jpaskhay jpaskhay mentioned this pull request Mar 8, 2023
Merged
15 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tarkatronic tarkatronic tarkatronic approved these changes

@sushantmimani sushantmimani sushantmimani approved these changes

@rbailey-godaddy rbailey-godaddy rbailey-godaddy approved these changes

@beardedeagle beardedeagle Awaiting requested review from beardedeagle

@rfox-godaddy rfox-godaddy Awaiting requested review from rfox-godaddy

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Regex-based Exclusions
4 participants
@dclayton-godaddy @tarkatronic @sushantmimani @rbailey-godaddy