zricethezav 5 лет назад
Родитель
Сommit
b4a0577786
4 измененных файлов с 35 добавлено и 12 удалено
  1. 10 0
      audit/audit_test.go
  2. 1 10
      audit/repo.go
  3. 9 2
      audit/util.go
  4. 15 0
      test_data/test_local_repo_five_at_latest_commit.json

+ 10 - 0
audit/audit_test.go

@@ -263,6 +263,16 @@ func TestAudit(t *testing.T) {
 			},
 			wantPath: "../test_data/test_local_repo_five_commit.json",
 		},
+		{
+			description: "test local repo five at latest commit",
+			opts: options.Options{
+				RepoPath:     "../test_data/test_repos/test_repo_5",
+				Report:       "../test_data/test_local_repo_five_at_latest_commit.json.got",
+				Commit:       "latest",
+				ReportFormat: "json",
+			},
+			wantPath: "../test_data/test_local_repo_five_at_latest_commit.json",
+		},
 		{
 			description: "test local repo six filename",
 			opts: options.Options{
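Review bot: The added case exercises only `Commit: "latest"`; the `FilesAtCommit: "latest"` path, whose HEAD resolution this commit moves out of `Repo.Audit`, has no matching case in this hunk, so a regression there would go unnoticed unless a case outside the hunk already covers it. A sibling entry that sets `FilesAtCommit: "latest",` in place of `Commit: "latest",`, with its own report and want files, would pin both callers of the shared lookup. The expected fixture is also tied to whatever HEAD of `test_repo_5` is, so a comment such as `// expects HEAD of test_repo_5; regenerate the fixture if the repo gains commits` would save the next maintainer some time. `TestAudit` begins and ends outside the hunk.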

+ 1 - 10
audit/repo.go

@@ -259,19 +259,10 @@ func (repo *Repo) Audit() error {
 	auditTimeStart := time.Now()
 
 	// audit commit patches OR all files at commit. See https://github.com/zricethezav/gitleaks/issues/326
-	// TODO having --commit= and --files-at-commit= set should probably be guarded against
+	// TODO having --commit= and --fites-at-commit= set should probably be guarded against
 	if repo.Manager.Opts.Commit != "" {
 		return inspectCommit(repo.Manager.Opts.Commit, repo, inspectCommitPatches)
 	} else if repo.Manager.Opts.FilesAtCommit != "" {
-		if repo.Manager.Opts.FilesAtCommit == "latest" {
-			// Getting the latest commit on the current branch
-			// ... retrieving the branch being pointed by HEAD
-			ref, err := repo.Repository.Head()
-			if err != nil {
-				return err
-			}
-			return inspectCommit(ref.Hash().String(), repo, inspectFilesAtCommit)
-		}
 		return inspectCommit(repo.Manager.Opts.FilesAtCommit, repo, inspectFilesAtCommit)
 	}
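Review bot: The rewritten TODO line misspells the flag as `--fites-at-commit=`; the previous spelling was correct, and the line should stay `// TODO having --commit= and --files-at-commit= set should probably be guarded against`. The condition the TODO describes is still open in the new code: when both options are set, the `Commit` branch returns first and the files-at-commit scan is silently skipped, which for a secret scanner means a scan the user asked for never runs. Returning an error when both options are non-empty would make that visible instead of reporting a clean result. `Audit` starts and ends outside the hunk.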
 

+ 9 - 2
audit/util.go

@@ -258,9 +258,16 @@ type commitInspector func(c *object.Commit, repo *Repo) error
 // inspectCommit accepts a commit hash, repo, and commit inspecting function. A new commit
 // object will be created from the hash which will be passed into either inspectCommitPatches
 // or inspectFilesAtCommit depending on the options set.
-func inspectCommit(hash string, repo *Repo, f commitInspector) error {
+func inspectCommit(commit string, repo *Repo, f commitInspector) error {
+	if commit == "latest" {
+		ref, err := repo.Repository.Head()
+		if err != nil {
+			return err
+		}
+		commit = ref.Hash().String()
+	}
 	repo.Manager.IncrementCommits(1)
-	h := plumbing.NewHash(hash)
+	h := plumbing.NewHash(commit)
 	c, err := repo.CommitObject(h)
 	if err != nil {
 		return err
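Review bot: The doc comment above `inspectCommit` still says it accepts a commit hash, but the parameter can now also be the literal `latest`, which is resolved to the hash that `Head()` reports; the comment should say so, e.g. `// commit is a commit hash or "latest", which resolves to the commit HEAD points at.` The error from `repo.Repository.Head()` is returned bare, so a failure to resolve HEAD reads the same as any other lookup failure; `return fmt.Errorf("resolving HEAD for \"latest\": %w", err)` would add context, assuming `fmt` is imported in this file. The resolved hash is also turned into a string only to be parsed again by `plumbing.NewHash`, and using `ref.Hash()` directly would avoid that round trip. The function body continues past the end of the hunk.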

+ 15 - 0
test_data/test_local_repo_five_at_latest_commit.json

@@ -0,0 +1,15 @@
+[
+ {
+  "line": "\nmore_secrets = '99432bfewaf823ec3294e231'",
+  "offender": "secrets = '99432bfewaf823ec3294e231",
+  "commit": "a4c9fb737d5552fd96fce5cc7eedb23353ba9ed0",
+  "repo": "test_repo_5",
+  "rule": "Generic Credential",
+  "commitMessage": "even more secrets\n",
+  "author": "Zach Rice",
+  "email": "zrice@gitlab.com",
+  "file": "secrets.py",
+  "date": "2020-02-01T10:30:22-05:00",
+  "tags": "key, API, generic"
+ }
+]