How to add a custom filter in the Detect-Secrets (Yelp)code for build

detect-secrets scan --filter custom_filter.py::is_invalid_secret

What is the filter in Detect-Secrets?

The filter is something that you don’t want to scan at the time of repo scan by detect-secrets. Like your organization use “AppID = dasdsfdsfsdfsf”, so for “Detect-secrets” this is secret but for your organization, it’s a normal value. So if you want fewer false-positive results then we use the filters.

How to add filter code in code and build the detect secret?

Step1: Clone the “Detect-Secrets” tool repo.
git clone https://github.com/Yelp/detect-secrets.git

import string

def is_likely_filter(secret, line):
line = line.lower()

if "AppID" in line:
return True
return False
'detect_secrets.filters.customfilter.is_likely_filter',
detect-secrets scan > .secrets.baseline
detect-secrets scan --baseline .secrets.baseline
printf '\tif "'"$1"'" in line:\n\t\treturn True\n\treturn False\n' >> detect_secrets/filters/customfilter.py
pip3 uninstall detect-secrets
python3 setup.py build
python3 setup.py install

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store