detect-secrets audit file issue #272
Comments
|
@Staggerlee011, what does your baseline file look like? |
|
hi wouldnt let me upload to here so posted it to link |
|
hey @domanchi can you make sense of it? |
|
Hey same issue here, but this is on 0.13.1 Without pre-commit: I'm still trying to investigate why this would be the case but it looks like the actual error is not logged according to: https://github.com/Yelp/detect-secrets/blob/master/detect_secrets/core/secrets_collection.py LINE 63. I don't have a python build setup. Anyone know why this might be happening? EDIT: I tried to create a toy example to see if I could get a stack trace with this: import os
from detect_secrets import VERSION
from detect_secrets.core.baseline import get_secrets_not_in_baseline
from detect_secrets.core.baseline import trim_baseline_of_removed_secrets
from detect_secrets.core.common import write_baseline_to_file
from detect_secrets.core.log import get_logger
from detect_secrets.core.secrets_collection import SecretsCollection
from detect_secrets.core.usage import ParserBuilder
from detect_secrets.plugins.common import initialize
from detect_secrets.util import build_automaton
log = get_logger(format_string='%(message)s')
def get_baseline(baseline_filename):
"""
:raises: IOError
:raises: ValueError
"""
if not baseline_filename:
return
fileContents = _get_baseline_string_from_file(
baseline_filename,
)
log.error(fileContents[2:])
return SecretsCollection.load_baseline_from_string(
fileContents[2:]
)
def _get_baseline_string_from_file(filename): # pragma: no cover
"""Breaking this function up for mockability."""
try:
with open(filename) as f:
return f.read()
except IOError:
log.error(
'Unable to open baseline file: {}\n'
'Please create it via\n'
' `detect-secrets scan > {}`\n'
.format(filename, filename),
)
raise
get_baseline(".secrets.baseline")This generated the following exception: So it looks like the exception is coming from the JSON lib. I stripped down the baseline file to just the generated_at key and added a log statement to see what JSON is being passed to There's two garbage characters at the beginning. So I modified the toy example with: return SecretsCollection.load_baseline_from_string(
fileContents[2:]
)The two characters are removed, but the JSON lib still generates the following exception: I don't know anything about python so apologies if this is way off base, but I suspect there's some sort of environment issue or version mismatch with Anyone else have an idea? EDIT: Found the issue! The characters at the beginning was the clue. I work in a multi-lingual environment, and set my Powershell default encoding export to something other than UTF-8 to test the output of a different console program. .secrets.baseline was saved as UTF-16LE. I resaved the file as UTF-8 and everything is happy now 😌 . If something else comes up I'll report back. |
|
Great Find! Was facing the same issue, somehow the .secrets.baseline was encoded as UCS-2 LE BOM. Changing the encoding to UTF-8 started working for me again. |
|
This will be added to the FAQ. Closing as done. |
Getting the same error. I checked the default encoding it is set to UTF-8. This is on v1.1.0 running Python 3.7.9 |
|
The FAQ states "Ensure the file encoding of your baseline file is UTF-8". I believe I have but I'm still seeing the issue. I'm doing this under WSL2 (linux). |
|
Save the file with That way the output will be file -i .secrets.baseline
.secrets.baseline: text/plain; charset=utf-8 |
Hi,
When i run a audit of a baseline i get the error:
Not a valid baseline file!runing on Windows 10, pip install of detect-secrets
Setting up baseline:
detect-secrets scan > .secrets.baselineRunning the audit:
detect-secrets audit .secrets.baselineNot sure how to solve it. any suggestions?
The text was updated successfully, but these errors were encountered: