From 2b1080fa5d6f23b46c13711991db8516b91778c8 Mon Sep 17 00:00:00 2001 From: "ay.gavrilov" Date: Fri, 12 Dec 2025 13:35:08 +0300 Subject: [PATCH] Relative path key added --- deepsecrets/cli.py | 12 +++++++++++- deepsecrets/config.py | 5 +++++ deepsecrets/core/model/finding.py | 15 +++++++++++---- 3 files changed, 27 insertions(+), 5 deletions(-) diff --git a/deepsecrets/cli.py b/deepsecrets/cli.py index c54ac48..11cd5fe 100644 --- a/deepsecrets/cli.py +++ b/deepsecrets/cli.py @@ -201,6 +201,13 @@ def _build_argparser(self) -> None: 'Use this flag if you want to render found secrets in plaintext.', ) + parser.add_argument( + '--relative-path', + action='store_true', + help='By default absolute path is used in JSON report.\n' + 'Use this flag if you want to use relative path instead.', + ) + self.argparser = parser def parse_arguments(self) -> None: @@ -212,6 +219,9 @@ def parse_arguments(self) -> None: if user_args.disable_masking: config.set_disable_masking(True) + if user_args.relative_path: + config.set_relative_path(True) + self.say_hello() config.set_workdir(user_args.target_dir) @@ -313,7 +323,7 @@ def start(self) -> int: # pragma: nocover with open(report_path, 'w+') as f: if config.output.type == 'json': - json.dump(FindingResponse.from_list(findings, config.disable_masking), f) + json.dump(FindingResponse.from_list(findings, config.disable_masking, config.relative_path), f) if config.output.type == 'dojo-sarif': f.write(to_json(FindingResponse.dojo_sarif_from_list(findings, config.disable_masking))) diff --git a/deepsecrets/config.py b/deepsecrets/config.py index 263b43f..ee4570c 100644 --- a/deepsecrets/config.py +++ b/deepsecrets/config.py @@ -32,6 +32,7 @@ class Config: process_count: int return_code_if_findings: bool disable_masking: bool + relative_path: bool def __init__(self) -> None: self.engines = [] @@ -39,6 +40,7 @@ def __init__(self) -> None: self.global_exclusion_paths = [] self.return_code_if_findings = False self.disable_masking = False + self.relative_path = False # equals to CPU count self.process_count = FALLBACK_PROCESS_COUNT @@ -49,6 +51,9 @@ def set_logging_level(self, level: int): def set_disable_masking(self, state: bool): self.disable_masking = state + + def set_relative_path(self, state: bool): + self.relative_path = state def _set_path(self, path: str, field: str) -> None: if not path_exists(path): diff --git a/deepsecrets/core/model/finding.py b/deepsecrets/core/model/finding.py index 76005fa..eaedd9a 100644 --- a/deepsecrets/core/model/finding.py +++ b/deepsecrets/core/model/finding.py @@ -117,14 +117,18 @@ def merge(self) -> List[Finding]: class FindingResponse: @classmethod - def from_list(cls, list: List[Finding], disable_masking: bool = False) -> Dict[str, List[Dict]]: + def from_list(cls, list: List[Finding], disable_masking: bool = False, relative_path: bool = False) -> Dict[str, List[Dict]]: resp: Dict[str, List[Dict]] = {} for finding in list: if finding.file is None: continue - if finding.file.path not in resp: - resp[finding.file.path] = [] + if not relative_path: + if finding.file.path not in resp: + resp[finding.file.path] = [] + else: + if finding.file.relative_path not in resp: + resp[finding.file.relative_path] = [] resp_finding = FindingApiModel.from_finding(finding) @@ -133,7 +137,10 @@ def from_list(cls, list: List[Finding], disable_masking: bool = False) -> Dict[s resp_finding.line = resp_finding.line.replace(resp_finding.string, '*' * len(resp_finding.string)) resp_finding.string = '*' * len(resp_finding.string) - resp[finding.file.path].append(resp_finding.model_dump()) + if not relative_path: + resp[finding.file.path].append(resp_finding.model_dump()) + else: + resp[finding.file.relative_path].append(resp_finding.model_dump()) return resp