-
Notifications
You must be signed in to change notification settings - Fork 33
Expand file tree
/
Copy pathbaseline.go
More file actions
82 lines (70 loc) · 2.16 KB
/
baseline.go
File metadata and controls
82 lines (70 loc) · 2.16 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
package detect
import (
"encoding/json"
"fmt"
"os"
"path/filepath"
"github.com/zricethezav/gitleaks/v8/report"
)
//nolint:gocyclo // TODO: refactor this function to reduce cyclomatic complexity
func IsNew(finding *report.Finding, redact uint, baseline []report.Finding) bool {
// Explicitly testing each property as it gives significantly better performance in comparison to cmp.Equal(). Drawback is that
// the code requires maintenance if/when the Finding struct changes
for i := range baseline {
b := &baseline[i]
if finding.RuleID == b.RuleID &&
finding.Description == b.Description &&
finding.StartLine == b.StartLine &&
finding.EndLine == b.EndLine &&
finding.StartColumn == b.StartColumn &&
finding.EndColumn == b.EndColumn &&
(redact > 0 || (finding.Match == b.Match && finding.Secret == b.Secret)) &&
finding.File == b.File &&
finding.Commit == b.Commit &&
finding.Author == b.Author &&
finding.Email == b.Email &&
finding.Date == b.Date &&
finding.Message == b.Message &&
// Omit checking finding.Fingerprint - if the format of the fingerprint changes, the users will see unexpected behavior
finding.Entropy == b.Entropy {
return false
}
}
return true
}
func LoadBaseline(baselinePath string) ([]report.Finding, error) {
bytes, err := os.ReadFile(baselinePath)
if err != nil {
return nil, fmt.Errorf("could not open %s", baselinePath)
}
var previousFindings []report.Finding
err = json.Unmarshal(bytes, &previousFindings)
if err != nil {
return nil, fmt.Errorf("the format of the file %s is not supported", baselinePath)
}
return previousFindings, nil
}
func (d *Detector) AddBaseline(baselinePath, source string) error {
if baselinePath != "" {
absoluteSource, err := filepath.Abs(source)
if err != nil {
return err
}
absoluteBaseline, err := filepath.Abs(baselinePath)
if err != nil {
return err
}
relativeBaseline, err := filepath.Rel(absoluteSource, absoluteBaseline)
if err != nil {
return err
}
baseline, err := LoadBaseline(baselinePath)
if err != nil {
return err
}
d.baseline = baseline
baselinePath = relativeBaseline
}
d.baselinePath = baselinePath
return nil
}