detect-secrets not scanning files in nested directories #876
Description
-
I'm submitting a ...
- bug report
- feature request
-
What is the current behavior?
I'm using detect-secrets 1.5.0, from a repo_directory initialised with git. Inside this repository there is a nested folder named inner, with its own baseline file and some test files with secrets to be detected, all files tracked by git.
When I run detect-secrets scan inner/ it successfully updates the baseline in the root directory. If I specify the baseline inside inner directory, it is updated too.
When I cd into inner directory and run detect-secrets scan, then no secrets on the files are not detected and the baseline only updates the generated_at field.
- If the current behavior is a bug, please provide the steps to reproduce and if possible a minimal demo of the problem
- Create an empty directory (temporary_dir)
- Initialize git
- Create 2 files containing secrets (eg. secrets.properties with password=hunter123)
- Add a baseline file (default one)
- Create a nested directory (eg inner)
- Copy the created files into nested directory
- Run
git add .to track the files with git. - Run detect-secrets scan inner/ , it will show a baseline output with the results containing secrets detection.
cdinto nested directory. Rundetect-secrets scan. The secrets baseline is not updated and result is empty.
-
What is the expected behavior?
detect-secrets scanshould detect secrets on the directory it's being executed. -
What is the motivation / use case for changing the behavior?
It's a use case for scanning on specific folders without need to specify the path at root level.
- Please tell us about your environment:
- detect-secrets Version: 1.5.0
- Python Version: 3.11
- OS Version: macOS Sonoma 14.6
- File type (if applicable): .properties, ,yaml