Potentially invalid checksum in githook report #416

Closed
@second-frank

Describe the bug

The proposed .talismanrc format of a --githook report might contain checksums that have no effect when used in the .talismanrc file, so the same finding is reported again on the next run.

Seems to happen with files whose name is used multiple times within the repository folder structure, typically readmes or scripts.

To Reproduce

git init
mkdir -p sub-folder
echo 'hello world' > sub-folder/readme.md
echo 'password = "some-secret-value"' > readme.md
git add *
talisman --githook pre-commit

When putting the reported fileignoreconfig section into a .talismanrc file and running talisman --githook pre-commit again, the same finding is reported.

Expected behavior

The proposed format by Talisman to whitelist findings should work by simply copy & pasting.

Additional context

There is a workaround by creating the checksum value explicitly via the talisman --checksum command, but the typical user would not be aware of that.

Desktop (please complete the following information):

  • OS: Ubuntu 22.04 / Windows 10 (GitBash)
  • Talisman version: 1.30.0

Frank Seidel frank.seidel@mercedes-benz.com, Mercedes-Benz Tech Innovation GmbH
Provider Information
