
adding some more tests during lunch

zach rice 6 年 前
コミット
2e7325ce03
5 ファイル変更179 行追加103 行削除
  1. 6 0
      CHANGELOG.md
  2. 17 1
      gitleaks.toml
  3. 1 16
      src/constants.go
  4. 124 0
      src/constants_test.go
  5. 31 86
      src/gitleaks_test.go

+ 6 - 0
CHANGELOG.md

@@ -1,5 +1,11 @@
 CHANGELOG
 =========
+2.0.0
+----
+- rules introduced in the gitleaks configurationn
+- removing `--entropy` option
+- removing `--single-search` option
+
 1.25.1
 ----
 - Fixing #188

+ 17 - 1
gitleaks.toml

@@ -62,10 +62,26 @@ files = [
 #]
 
 # Additional Examples
+
 # [[rules]]
 # description = "Generic Key"
 # regex = '''(?i)key(.{0,6})?(:|=|=>|:=)'''
 # entropies = ["4.1-4.3"]
 # entropyROI = "line"
 # tags = ["key"]
-
+# severity = "8"
+#
+# [[rules]]
+# description = "Generic Key"
+# regex = '''(?i)key(.{0,6})?(:|=|=>|:=)'''
+# entropies = ["4.1-4.3"]
+# filetypes = [".gee"]
+# entropyROI = "line"
+# tags = ["key"]
+# severity = "medium"
+#
+# [[rules]]
+# description = "Any go file"
+# filetypes = [".go"]
+# tags = ["go files"]
+# severity = "low"
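Review bot: The three commented examples disagree on what a severity value looks like: the first gets `# severity = "8"`, while the two added below it use `"medium"` and `"low"`. Nothing in this hunk says which form the scanner accepts, so someone uncommenting an example cannot tell whether a given spelling is honoured or silently ignored. Use one form in all three, or add a line stating what values are allowed (the parsing code is not visible here, so I cannot say which is right). The first two examples also share the description "Generic Key"; giving the filetype-restricted one its own description would keep their findings distinguishable in a report.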

+ 1 - 16
src/constants.go

@@ -14,7 +14,7 @@ const LeakExit = 1
 const defaultConfig = `
 # This is a sample config file for gitleaks. You can configure gitleaks what to search for and what to whitelist.
 # The output you are seeing here is the default gitleaks config. If GITLEAKS_CONFIG environment variable
-# is set, gitleaks will load configurations from that path. If option --config-path is set, gitleaks will load
+# is set, gitleaks will load configurations from that path. If option --config is set, gitleaks will load
 # configurations from that path. Gitleaks does not whitelist anything by default.
 
 title = "gitleaks config"
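Review bot: The header comment edited here still ends with "Gitleaks does not whitelist anything by default", but the same `defaultConfig` string carries an active `[whitelist]` `files` entry, visible as context in the next hunk (`"(.*?)(jpg|gif|doc|pdf|bin)$"`). For a secret scanner that sentence tells users nothing is skipped while files matching the pattern are. The pattern also has no `\.` before the extension, so it appears to match any path that merely ends in those letters. I would reword the line to `# configurations from that path. By default gitleaks whitelists only the file patterns listed under [whitelist] below.` and, separately, anchor the pattern on a literal dot. The constant starts and ends outside this hunk, so the rest of the default config is not visible here.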
@@ -64,21 +64,6 @@ description = "Slack"
 regex = '''xox[baprs]-([0-9a-zA-Z]{10,48})?'''
 tags = ["key", "Slack"]
 
-[[rules]]
-description = "Generic Key"
-regex = '''(?i)key(.{0,6})?(:|=|=>|:=)'''
-entropies = ["4.1-4.3"]
-filetypes = [".gee"]
-entropyROI = "line"
-tags = ["key"]
-severity = "medium"
-
-[[rules]]
-description = "Any go file"
-filetypes = [".go"]
-tags = ["go files"]
-severity = "low"
-
 [whitelist]
 files = [
   "(.*?)(jpg|gif|doc|pdf|bin)$"

+ 124 - 0
src/constants_test.go

@@ -0,0 +1,124 @@
+package gitleaks
+
+import (
+	"io/ioutil"
+	"path"
+)
+
+const testWhitelistCommit = `
+[[rules]]
+description = "AWS"
+regex = '''AKIA[0-9A-Z]{16}'''
+
+[whitelist]
+commits = [
+  "eaeffdc65b4c73ccb67e75d96bd8743be2c85973",
+]
+`
+const testWhitelistFile = `
+[[rules]]
+description = "AWS"
+regex = '''AKIA[0-9A-Z]{16}'''
+
+[whitelist]
+files = [
+  ".go",
+]
+`
+
+const testWhitelistRegex = `
+[[rules]]
+description = "AWS"
+regex = '''AKIA[0-9A-Z]{16}'''
+
+[whitelist]
+regexes= [
+  "AKIA",
+]
+`
+
+const testWhitelistRepo = `
+[[rules]]
+description = "AWS"
+regex = '''AKIA[0-9A-Z]{16}'''
+
+[whitelist]
+repos = [
+  "gronit",
+]
+`
+
+const testEntropyRange = `
+[[rules]]
+description = "Entropy ranges"
+entropies = [
+  "7.5-8.0",
+  "3.2-3.4",
+]
+`
+const testBadEntropyRange = `
+[[rules]]
+description = "Bad entropy ranges"
+entropies = [
+  "8.0-3.0",
+]
+`
+const testBadEntropyRange2 = `
+[[rules]]
+description = "Bad entropy ranges"
+entropies = [
+  "8.0-8.9",
+]
+`
+
+const testEntropyLineRegexRange = `
+[[rules]]
+description = "test entropy regex ranges"
+regex = '''(?i)key(.{0,6})?(:|=|=>|:=)'''
+entropies = [
+	"4.1-4.3",
+]
+entropyROI="line"
+`
+
+const testEntropyRegexRange = `
+[[rules]]
+description = "test entropy regex ranges"
+regex = '''(?i)key(.{0,6})?(:|=|=>|:=)'''
+entropies = [
+	"4.1-4.3",
+]
+`
+
+const testMDFileType = `
+[[rules]]
+description = "test only markdown"
+filetypes = [".md"]
+`
+
+const testEntropyRegexRangeGoFilter = `
+[[rules]]
+description = "test entropy regex ranges"
+regex = '''(?i)key(.{0,6})?(:|=|=>|:=)'''
+entropies = [
+	"4.1-4.3",
+]
+filetypes = [".go"]
+entropyROI="line"
+`
+
+func testTomlLoader() string {
+	tmpDir, _ := ioutil.TempDir("", "whiteListConfigs")
+	ioutil.WriteFile(path.Join(tmpDir, "regex"), []byte(testWhitelistRegex), 0644)
+	ioutil.WriteFile(path.Join(tmpDir, "entropyLineRegex"), []byte(testEntropyLineRegexRange), 0644)
+	ioutil.WriteFile(path.Join(tmpDir, "entropyRegex"), []byte(testEntropyRegexRange), 0644)
+	ioutil.WriteFile(path.Join(tmpDir, "commit"), []byte(testWhitelistCommit), 0644)
+	ioutil.WriteFile(path.Join(tmpDir, "file"), []byte(testWhitelistFile), 0644)
+	ioutil.WriteFile(path.Join(tmpDir, "repo"), []byte(testWhitelistRepo), 0644)
+	ioutil.WriteFile(path.Join(tmpDir, "entropy"), []byte(testEntropyRange), 0644)
+	ioutil.WriteFile(path.Join(tmpDir, "badEntropy"), []byte(testBadEntropyRange), 0644)
+	ioutil.WriteFile(path.Join(tmpDir, "badEntropy2"), []byte(testBadEntropyRange2), 0644)
+	ioutil.WriteFile(path.Join(tmpDir, "mdFiles"), []byte(testMDFileType), 0644)
+	ioutil.WriteFile(path.Join(tmpDir, "entropyLineRegexGo"), []byte(testEntropyRegexRangeGoFilter), 0644)
+	return tmpDir
+}
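Review bot: `testTomlLoader` discards every error: the `_` on `ioutil.TempDir` and all eleven unchecked `ioutil.WriteFile` calls. If the temp directory cannot be created, `tmpDir` is empty and `path.Join("", "regex")` resolves to the relative path `regex`, so the fixtures would be written into the working directory and the tests would then load whatever sits there. The directory is also never removed in this file; the caller would need something like `defer os.RemoveAll(configsDir)`. The rewrite below keeps the signature and fails loudly instead, with the eleven name/constant pairs unchanged.

```go
func testTomlLoader() string {
	tmpDir, err := ioutil.TempDir("", "whiteListConfigs")
	if err != nil {
		panic(err)
	}
	configs := map[string]string{
		"regex": testWhitelistRegex,
		// … unchanged: the other ten file-name / constant pairs …
	}
	for name, body := range configs {
		if err := ioutil.WriteFile(path.Join(tmpDir, name), []byte(body), 0644); err != nil {
			panic(err)
		}
	}
	return tmpDir
}
```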

+ 31 - 86
src/gitleaks_test.go

@@ -16,72 +16,6 @@ import (
 	"gopkg.in/src-d/go-git.v4/storage/memory"
 )
 
-const testWhitelistCommit = `
-[[rules]]
-description = "AWS"
-regex = '''AKIA[0-9A-Z]{16}'''
-
-[whitelist]
-commits = [
-  "eaeffdc65b4c73ccb67e75d96bd8743be2c85973",
-]
-`
-const testWhitelistFile = `
-[[rules]]
-description = "AWS"
-regex = '''AKIA[0-9A-Z]{16}'''
-
-[whitelist]
-files = [
-  ".go",
-]
-`
-
-const testWhitelistRegex = `
-[[rules]]
-description = "AWS"
-regex = '''AKIA[0-9A-Z]{16}'''
-
-[whitelist]
-regexes= [
-  "AKIA",
-]
-`
-
-const testWhitelistRepo = `
-[[rules]]
-description = "AWS"
-regex = '''AKIA[0-9A-Z]{16}'''
-
-[whitelist]
-repos = [
-  "gronit",
-]
-`
-
-const testEntropyRange = `
-[[rules]]
-description = "Entropy ranges"
-entropies = [
-  "7.5-8.0",
-  "3.2-3.4",
-]
-`
-const testBadEntropyRange = `
-[[rules]]
-description = "Bad entropy ranges"
-entropies = [
-  "8.0-3.0",
-]
-`
-const testBadEntropyRange2 = `
-[[rules]]
-description = "Bad entropy ranges"
-entropies = [
-  "8.0-8.9",
-]
-`
-
 func TestGetRepo(t *testing.T) {
 	var err error
 	dir, err = ioutil.TempDir("", "gitleaksTestRepo")
@@ -437,18 +371,6 @@ func TestWriteReport(t *testing.T) {
 
 }
 
-func testTomlLoader() string {
-	tmpDir, _ := ioutil.TempDir("", "whiteListConfigs")
-	ioutil.WriteFile(path.Join(tmpDir, "regex"), []byte(testWhitelistRegex), 0644)
-	ioutil.WriteFile(path.Join(tmpDir, "commit"), []byte(testWhitelistCommit), 0644)
-	ioutil.WriteFile(path.Join(tmpDir, "file"), []byte(testWhitelistFile), 0644)
-	ioutil.WriteFile(path.Join(tmpDir, "repo"), []byte(testWhitelistRepo), 0644)
-	ioutil.WriteFile(path.Join(tmpDir, "entropy"), []byte(testEntropyRange), 0644)
-	ioutil.WriteFile(path.Join(tmpDir, "badEntropy"), []byte(testBadEntropyRange), 0644)
-	ioutil.WriteFile(path.Join(tmpDir, "badEntropy2"), []byte(testBadEntropyRange2), 0644)
-	return tmpDir
-}
-
 func TestAuditRepo(t *testing.T) {
 	var leaks []Leak
 	configsDir := testTomlLoader()
@@ -651,6 +573,20 @@ func TestAuditRepo(t *testing.T) {
 			testOpts:    &Options{},
 			configPath:  path.Join(configsDir, "entropy"),
 		},
+		{
+			repo:        leaksRepo,
+			description: "toml entropy regex line range",
+			numLeaks:    2,
+			testOpts:    &Options{},
+			configPath:  path.Join(configsDir, "entropyLineRegex"),
+		},
+		{
+			repo:        leaksRepo,
+			description: "toml entropy regex range",
+			numLeaks:    0,
+			testOpts:    &Options{},
+			configPath:  path.Join(configsDir, "entropyRegex"),
+		},
 		{
 			repo:           leaksRepo,
 			description:    "toml bad entropy range",
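Review bot: The expected counts in the added cases (`numLeaks: 2` and `numLeaks: 0` here, `5` and `2` in the cases added by the next hunk) are bare numbers tied to the contents of the `leaksRepo` fixture, with nothing saying which findings they stand for. When a count changes, a reader cannot tell a scanner regression (a secret no longer reported) from a fixture edit. A one-line comment per case would fix that, for example `// same regex and entropy range as entropyLineRegex, but without entropyROI = "line"` above the zero-leak case. The "toml md files" rule has only `filetypes`, so its `5` is presumably the number of markdown hits in the fixture; that is worth stating too. The test table begins outside this hunk.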
@@ -667,6 +603,20 @@ func TestAuditRepo(t *testing.T) {
 			configPath:     path.Join(configsDir, "badEntropy2"),
 			expectedErrMsg: "invalid entropy ranges, must be within 0.0-8.0",
 		},
+		{
+			repo:        leaksRepo,
+			description: "toml md files",
+			numLeaks:    5,
+			testOpts:    &Options{},
+			configPath:  path.Join(configsDir, "mdFiles"),
+		},
+		{
+			repo:        leaksRepo,
+			description: "toml entropys line regex go",
+			numLeaks:    2,
+			testOpts:    &Options{},
+			configPath:  path.Join(configsDir, "entropyLineRegexGo"),
+		},
 	}
 	g := goblin.Goblin(t)
 	for _, test := range tests {
@@ -674,7 +624,6 @@ func TestAuditRepo(t *testing.T) {
 			g.It(test.description, func() {
 				auditDone = false
 				opts = test.testOpts
-				totalCommits = 0
 
 				config, err = newConfig()
 				// config paths
@@ -687,14 +636,10 @@ func TestAuditRepo(t *testing.T) {
 					}
 				}
 				leaks, err = test.repo.audit()
-				if test.testOpts.Depth != 0 {
-					g.Assert(totalCommits).Equal(test.testOpts.Depth)
-				} else {
-					if opts.Redact {
-						g.Assert(leaks[0].Offender).Equal("REDACTED")
-					}
-					g.Assert(len(leaks)).Equal(test.numLeaks)
+				if opts.Redact {
+					g.Assert(leaks[0].Offender).Equal("REDACTED")
 				}
+				g.Assert(len(leaks)).Equal(test.numLeaks)
 			next:
 				os.Setenv("GITLEAKS_CONFIG", "")
 			})
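Review bot: `leaks[0].Offender` is read before the length of `leaks` is asserted, so a redact case in which `audit()` returns no leaks panics with an index-out-of-range instead of failing the assertion. Assert the count first and guard the index: `g.Assert(len(leaks)).Equal(test.numLeaks)` followed by `if opts.Redact && len(leaks) > 0 {`. The `err` assigned from `test.repo.audit()` is also not checked in the lines shown, though the code that handles `expectedErrMsg` may sit outside this hunk. With the `Depth` branch removed, nothing visible here still verifies that a depth limit is honoured; if that check moved elsewhere, a short comment saying where would help.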