ripsecrets 0.1.11

A command-line tool to prevent committing secret keys into your source code
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89

#![allow(clippy::needless_return)]

use ripsecrets::find_secrets;
use std::process;
use termcolor::{BufferWriter, ColorChoice};

mod pre_commit;

include!("args.rs");

#[derive(Debug)]
pub enum UsageError {
    PreCommit,
    Version,
    Help,
}

enum RunResult {
    PreCommitInstallSuccessful,
    NoSecretsFound,
    SecretsFound,
    Error(String),
}

fn main() {
    match run() {
        RunResult::PreCommitInstallSuccessful => process::exit(0),
        RunResult::NoSecretsFound => process::exit(0),
        RunResult::SecretsFound => process::exit(1),
        RunResult::Error(e) => {
            eprintln!("Error: {}", e);
            process::exit(2)
        }
    }
}

fn run() -> RunResult {
    let args = Args::parse();
    let paths = if args.paths.is_empty() {
        vec![PathBuf::from(".")]
    } else {
        args.paths
    };

    if args.install_pre_commit && (args.strict_ignore || args.only_matching) {
        let option = if args.strict_ignore {
            "--strict-ignore"
        } else {
            "--only-matching"
        };
        return RunResult::Error(format!(
            "{} is not a valid option when installing pre-commits. Use --install-pre-commit alone",
            option
        ));
    }

    if args.install_pre_commit {
        for path in paths {
            match pre_commit::install_pre_commit(&path) {
                // If we installed pre-commit to this path
                // just fine, keep iterating
                Ok(()) => (),
                Err(err) => {
                    // If we get an error when trying to install
                    // pre-commit, return an Error as a String
                    return RunResult::Error(err.to_string());
                }
            }
        }
        // Made it through all the paths just fine
        RunResult::PreCommitInstallSuccessful
    } else {
        match find_secrets(
            &paths,
            &args.additional_patterns,
            args.strict_ignore,
            args.only_matching,
            BufferWriter::stdout(ColorChoice::Never),
        ) {
            Ok(0) => RunResult::NoSecretsFound,
            // If we found 1 or more secrets, it's not an error, BUT we do
            // want to notify the user via a different exit code.
            Ok(_num_secrets) => RunResult::SecretsFound,
            // If there's a real error, return it as a String for main()
            // to handle.
            Err(err) => RunResult::Error(err.to_string()),
        }
    }
}