Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FileNotFoundError in LineGetter.open_file #604

Open
jsoref opened this issue Aug 23, 2022 · 5 comments
Open

FileNotFoundError in LineGetter.open_file #604

jsoref opened this issue Aug 23, 2022 · 5 comments
Labels
bug The issue describes a malfunctioning aspect of the project. needs more info The issue has been reviewed, but the information provided by the reporter is incomplete. P3 When you get around it. E.g. a fix for non-breaking issue we will work on when there's nothing more

Comments

@jsoref
Copy link
Contributor

jsoref commented Aug 23, 2022

We had a secret referencing a file in the secrets baseline, and then that file was deleted, the next time detect-secrets (v1.2.0) ran, it crashed with:

FileNotFoundError: [Errno 2] No such file or directory: ...

detect-secrets/detect_secrets/audit/common.py

Lines 146 to 148 in 70e6cf6

def open_file(self) -> Iterator[NamedIO]:
"""This is split up into a different function, so it can be overridden if necessary."""
with open(self.filename) as f:

detect-secrets/detect_secrets/audit/common.py

Lines 156 to 158 in 70e6cf6

with self.open_file() as f:
lines = get_transformed_file(f, use_eager_transformers=self.use_eager_transformers)
self._lines = self.raw_lines if not lines else lines

detect-secrets/detect_secrets/audit/common.py

Lines 82 to 90 in 70e6cf6

while True:
if secret.line_number:
try:
lines_to_scan = [line_getter.lines[secret.line_number - 1]]
line_numbers = [secret.line_number - 1]
except IndexError:
raise SecretNotFoundOnSpecifiedLineError(secret.line_number)
else:
lines_to_scan = line_getter.lines

detect-secrets/detect_secrets/audit/report.py

Lines 27 to 43 in 70e6cf6

def generate_report(
baseline_file: str,
class_to_print: SecretClassToPrint = None,
line_getter_factory: Callable[[str], 'LineGetter'] = open_file,
) -> List[Dict[str, Any]]:
secrets: Dict[Tuple[str, str], Any] = {}
for filename, secret in get_baseline_from_file(baseline_file):
verified_result = VerifiedResult.from_secret(secret)
if (
class_to_print is not None and
SecretClassToPrint.from_class(verified_result) != class_to_print
):
continue
# Removal of the stored line number is required to force the complete file scanning to obtain all the secret occurrences. # noqa: E501
secret.line_number = 0
detections = get_raw_secrets_from_file(secret)

detect-secrets/detect_secrets/main.py

Lines 132 to 140 in 70e6cf6

elif args.report:
class_to_print = None
if args.only_real:
class_to_print = audit.report.SecretClassToPrint.REAL_SECRET
elif args.only_false:
class_to_print = audit.report.SecretClassToPrint.FALSE_POSITIVE
print(
json.dumps(
audit.report.generate_report(args.filename[0], class_to_print),

@lorenzodb1 lorenzodb1 added the pending The issue still needs to be reviewed by one of the maintainers. label Aug 24, 2022
@lorenzodb1 lorenzodb1 added bug The issue describes a malfunctioning aspect of the project. P3 When you get around it. E.g. a fix for non-breaking issue we will work on when there's nothing more selected The issue has been selected to be worked on. and removed pending The issue still needs to be reviewed by one of the maintainers. labels Sep 16, 2022
@lorenzodb1
Copy link
Member

Hi @jsoref, thanks for bringing up this issue to us. We will take a look at this issue in the next few days and keep you posted on it. Stay tuned!

@jpdakran
Copy link
Member

@jsoref Hello. I just tested deleting a python file which had existing secrets in the baseline file. This ran fine and the secrets were deleted from the baseline file. Can you provide more information on the file you deleted?

@jpdakran
Copy link
Member

@jsoref Can you please some more information regarding "the next time detect-secrets (v1.2.0) ran"? - Can you explain what command you are running when running detect-secrets? Is it pre-commit or CLI?

@jsoref
Copy link
Contributor Author

jsoref commented Sep 28, 2022

We're using https://github.com/secret-scanner/action/ to wrap detect-secrets.

The code in question is roughly:
https://github.com/secret-scanner/action/blob/33d6b0b0b5f0cd113651222c196e07799d2c3d21/detect-new-secrets.sh#L30-L33

It's possible that the first detect-secret command (scan) failed and the second (audit) ran and failed (and that it perhaps shouldn't have been run if the first failed).

I'll see if I can create a sample repository that can reproduce the problem...

@lorenzodb1 lorenzodb1 added needs more info The issue has been reviewed, but the information provided by the reporter is incomplete. and removed selected The issue has been selected to be worked on. labels Oct 4, 2022
@jsoref
Copy link
Contributor Author

jsoref commented Aug 23, 2023

@Anu48 just tripped on this, I might see if I can get her to create a reduced test case...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug The issue describes a malfunctioning aspect of the project. needs more info The issue has been reviewed, but the information provided by the reporter is incomplete. P3 When you get around it. E.g. a fix for non-breaking issue we will work on when there's nothing more
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jsoref @jpdakran @lorenzodb1