detect-secrets icon indicating copy to clipboard operation
detect-secrets copied to clipboard

Published 20 hours ago verified publisher icon Yelp

FileNotFoundError in `LineGetter.open_file`

Open jsoref opened this issue 3 years ago • 5 comments

We had a secret referencing a file in the secrets baseline, and then that file was deleted, the next time detect-secrets (v1.2.0) ran, it crashed with:

FileNotFoundError: [Errno 2] No such file or directory: ...

https://github.com/Yelp/detect-secrets/blob/70e6cf69f2d544a49729039a374d86d7b3e472d9/detect_secrets/audit/common.py#L146-L148

https://github.com/Yelp/detect-secrets/blob/70e6cf69f2d544a49729039a374d86d7b3e472d9/detect_secrets/audit/common.py#L156-L158

https://github.com/Yelp/detect-secrets/blob/70e6cf69f2d544a49729039a374d86d7b3e472d9/detect_secrets/audit/common.py#L82-L90

https://github.com/Yelp/detect-secrets/blob/70e6cf69f2d544a49729039a374d86d7b3e472d9/detect_secrets/audit/report.py#L27-L43

https://github.com/Yelp/detect-secrets/blob/70e6cf69f2d544a49729039a374d86d7b3e472d9/detect_secrets/main.py#L132-L140

jsoref avatar Aug 23 '22 19:08 jsoref

Hi @jsoref, thanks for bringing up this issue to us. We will take a look at this issue in the next few days and keep you posted on it. Stay tuned!

lorenzodb1 avatar Sep 16 '22 17:09 lorenzodb1

@jsoref Hello. I just tested deleting a python file which had existing secrets in the baseline file. This ran fine and the secrets were deleted from the baseline file. Can you provide more information on the file you deleted?

jpdakran avatar Sep 20 '22 18:09 jpdakran

@jsoref Can you please some more information regarding "the next time detect-secrets (v1.2.0) ran"? - Can you explain what command you are running when running detect-secrets? Is it pre-commit or CLI?

jpdakran avatar Sep 27 '22 14:09 jpdakran

We're using https://github.com/secret-scanner/action/ to wrap detect-secrets.

The code in question is roughly: https://github.com/secret-scanner/action/blob/33d6b0b0b5f0cd113651222c196e07799d2c3d21/detect-new-secrets.sh#L30-L33

It's possible that the first detect-secret command (scan) failed and the second (audit) ran and failed (and that it perhaps shouldn't have been run if the first failed).

I'll see if I can create a sample repository that can reproduce the problem...

jsoref avatar Sep 28 '22 02:09 jsoref

@Anu48 just tripped on this, I might see if I can get her to create a reduced test case...

jsoref avatar Aug 23 '23 14:08 jsoref