From c9087292624457d2da70036dfc8cc381e10ddc9a Mon Sep 17 00:00:00 2001 From: dclayton Date: Tue, 4 Apr 2023 11:49:01 -0700 Subject: [PATCH] fix(signature): avoid generating signatures Avoid generating signatures if no signatures are specified. --- tartufo/scanner.py | 6 +++++- tests/test_base_scanner.py | 9 +++++++++ 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/tartufo/scanner.py b/tartufo/scanner.py index a6f2ac1c..8fc276b3 100755 --- a/tartufo/scanner.py +++ b/tartufo/scanner.py @@ -425,9 +425,13 @@ def signature_is_excluded(self, blob: str, file_path: str) -> bool: :param blob: The piece of data which is being scanned :param file_path: The path and file name for the data being scanned """ + excluded_signatures = self.excluded_signatures + if len(excluded_signatures) == 0: + return False + return ( blob - in self.excluded_signatures # Signatures themselves pop up as entropy matches + in excluded_signatures # Signatures themselves pop up as entropy matches or util.generate_signature(blob, file_path) in self.excluded_signatures ) diff --git a/tests/test_base_scanner.py b/tests/test_base_scanner.py index 4b15cb1e..900285ac 100644 --- a/tests/test_base_scanner.py +++ b/tests/test_base_scanner.py @@ -322,6 +322,15 @@ def test_rule_patterns_with_rule_patterns_syntax_issue(self): class SignatureTests(ScannerTestCase): + @mock.patch("tartufo.util.generate_signature") + def test_no_signatures_should_not_generate_signature( + self, mock_signature: mock.MagicMock + ): + test_scanner = TestScanner(self.options) + self.options.exclude_signatures = () + mock_signature.assert_not_called() + self.assertFalse(test_scanner.signature_is_excluded("bar", "blah")) + @mock.patch("tartufo.util.generate_signature") def test_matched_signatures_are_excluded(self, mock_signature: mock.MagicMock): mock_signature.return_value = "foo"