wemake-python-styleguide

Check for ssh/amazon keys, diffs and other patterns in string variables

Open sobolevn opened this issue 5 years ago • 2 comments

Rule request

Thesis

There are several tools from which we can copy several checks to enforce better security:

  1. https://github.com/landscapeio/dodgy/blob/master/dodgy/checks.py
  2. https://github.com/Yelp/detect-secrets/tree/master/detect_secrets/plugins

There are several simple regexes to copy. And then we can add this check to our tool.

Plan:

  1. A single violation for all of these checks
  2. A collection of regexes that check string / bytes / formatted strings definitions
  3. Lots of tests!

Reasoning

Storing any secrets in strings is a bad idea. Use a proper secrets management tool like https://github.com/sobolevn/git-secret

sobolevn avatar Mar 05 '20 06:03 sobolevn
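
The plan in the issue above (regexes run over string, bytes and formatted-string literals), as an added example that is not code from wemake-python-styleguide, dodgy or detect-secrets. The three patterns and the names `SUSPICIOUS_PATTERNS`, `SecretStringVisitor` and `find_secrets` are assumptions made for illustration.

```python
import ast
import re

# Illustrative patterns written for this example (assumption: not the
# regexes used by dodgy or detect-secrets).
SUSPICIOUS_PATTERNS = {
    "aws-access-key-id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private-key-block": re.compile(r"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----"),
    "merge-conflict-marker": re.compile(r"^(?:<{7}|>{7}) ", re.MULTILINE),
}


class SecretStringVisitor(ast.NodeVisitor):
    """Collects (line, pattern name) for every suspicious str/bytes literal."""

    def __init__(self):
        self.findings = []

    def visit_Constant(self, node):
        # The literal parts of an f-string are Constant nodes inside a
        # JoinedStr, so the default traversal delivers them here as well.
        value = node.value
        if isinstance(value, bytes):
            # latin-1 never fails to decode, so the same regexes apply.
            value = value.decode("latin-1")
        if isinstance(value, str):
            for name, pattern in SUSPICIOUS_PATTERNS.items():
                if pattern.search(value):
                    self.findings.append((node.lineno, name))


def find_secrets(source):
    """Parse Python source and return sorted (line, pattern name) findings."""
    visitor = SecretStringVisitor()
    visitor.visit(ast.parse(source))
    return sorted(visitor.findings)


# Constructed sample module; the key ID is AWS's documented example value.
SAMPLE = '''
region = "eu-west-1"
key_id = "AKIAIOSFODNN7EXAMPLE"
pem = b"-----BEGIN RSA PRIVATE KEY-----\\nMIIB...\\n-----END RSA PRIVATE KEY-----"
url = f"https://AKIAIOSFODNN7EXAMPLE@{host}/bucket"
note = """
<<<<<<< HEAD
"""
'''

if __name__ == "__main__":
    for line, name in find_secrets(SAMPLE):
        print(f"line {line}: possible {name}")
```

A value that is split across an f-string interpolation or built by concatenation is not matched, because each literal fragment is checked on its own.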

I'll add this rule

PrVrSs avatar Mar 22 '20 22:03 PrVrSs

Thanks a lot!

sobolevn avatar Mar 22 '20 22:03 sobolevn