19015773527

Committed 02 Nov 2025 05:33PM UTC coverage: 17.872% (-62.4%) from 80.3%

Build # 19015773527

Build Type

Pull #22816

github

Committed by

web-flow

Commit Message

Merge a12d75757 into 6c024e162

Pull Request Pull Request #22816: Update Pants internal Python to 3.14

Run Details

4 of 5 new or added lines in 3 files covered. (80.0%)

28452 existing lines in 683 files now uncovered.

9831 of 55007 relevant lines covered (17.87%)

0.18 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/src/python/pants/backend/tools/trufflehog/subsystem.py

1	# Copyright 2024 Pants project contributors (see CONTRIBUTORS.md).
2	# Licensed under the Apache License, Version 2.0 (see LICENSE).
3	"""Downloads the trufflehog binary."""
4
UNCOV 5	from __future__ import annotations	×
6
UNCOV 7	from pants.core.util_rules.config_files import ConfigFilesRequest	×
UNCOV 8	from pants.core.util_rules.external_tool import ExternalTool	×
UNCOV 9	from pants.engine.platform import Platform	×
UNCOV 10	from pants.option.option_types import ArgsListOption, BoolOption, SkipOption, StrListOption	×
UNCOV 11	from pants.util.strutil import softwrap	×
12
13
UNCOV 14	class Trufflehog(ExternalTool):	×
15	"""A tool for finding secrets in code."""
16
UNCOV 17	options_scope = "trufflehog"	×
UNCOV 18	name = "Trufflehog"	×
UNCOV 19	default_version = "v3.34.0"	×
UNCOV 20	help = "Trufflehog secrets scanning"	×
UNCOV 21	skip = SkipOption("lint")	×
UNCOV 22	default_known_versions = [	×
23	"v3.34.0\|macos_arm64\|19e10e34e95d797cbb924b342b873caa9e71296f9bead28b390d96981f47fbb0\|26743363",
24	"v3.34.0\|macos_x86_64\|6a0a425be18ef1b3c0bf5ff88a895e01c1de70892ee48026b9a9ed89ad0398d4\|27466237",
25	"v3.34.0\|linux_arm64\|6aeb5a91dbd981a5446312946072b470dc3a706711c85966394f62717cd71111\|26021125",
26	"v3.34.0\|linux_x86_64\|2fda581fb26ed5c866045a4532ce73511f873b70f20eaaae01a7279c3b1c2993\|27805118",
27	]
28
UNCOV 29	exclude = StrListOption(	×
30	default=["README.md"],
31	help=softwrap(
32	"""
33	Exclude paths matching these globs from trufflehog scans.
34	"""
35	),
36	)
37
UNCOV 38	config_discovery = BoolOption(	×
39	default=True,
40	advanced=True,
41	help=softwrap(
42	"""
43	If a trufflehog-config.yaml file is found, pass it to the trufflehog --config argument.
44	"""
45	),
46	)
47
UNCOV 48	args = ArgsListOption(	×
49	example="--no-json --exclude-detectors detector",
50	default=["--json"],
51	extra_help="This includes --json by default to reduce the volume of output.",
52	)
53
UNCOV 54	def generate_url(self, plat: Platform) -> str:	×
55	"""Returns the download URL for the trufflehog binary, depending on the current
56	environment."""
57	plat_str = {	×
58	"macos_arm64": "darwin_arm64",
59	"macos_x86_64": "darwin_amd64",
60	"linux_arm64": "linux_arm64",
61	"linux_x86_64": "linux_amd64",
62	}[plat.value]
63
64	version = self.version.replace("v", "")	×
65	return (	×
66	f"https://github.com/trufflesecurity/trufflehog/releases/download/{self.version}/"
67	f"trufflehog_{version}_{plat_str}.tar.gz"
68	)
69
UNCOV 70	def generate_exe(self, plat: Platform) -> str:	×
71	return "./trufflehog"	×
72
UNCOV 73	def config_request(self) -> ConfigFilesRequest:	×
74	"""Load the config file."""
75	return ConfigFilesRequest(	×
76	discovery=self.config_discovery,
77	check_existence=["trufflehog-config.yaml"],
78	)

pantsbuild / pants / 19015773527

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous