Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DotGitignore-like Include Paths #106

Open
dclayton-godaddy opened this issue Oct 5, 2020 · 3 comments
Open

DotGitignore-like Include Paths #106

dclayton-godaddy opened this issue Oct 5, 2020 · 3 comments
Labels
design decision needed Maintainers must agree on a direction before this is worked on enhancement New feature or request

Comments

@dclayton-godaddy
Copy link
Contributor

dclayton-godaddy commented Oct 5, 2020
edited
Loading

Feature Request

Add --ignore-paths to support git-like ignore syntax.

NOTE: I have already started development on this so immediate feedback is appreciated.

Is your feature request related to a problem? Please describe.

--excluded-paths and --included-paths point to files containing paths to ignore or scan. My immediate thought is that the paths are similar to .dockerignore, .gitignore, etc. However they are regular expressions which are more painful to write.

Describe the solution you'd like

Add --ignore-paths .secretsignore to the CLI that is modeled after other ignore files like .gitignore or .dockerignore. .gitignore and .dockerignore support negating ! whereby this acts as an include, so there is no need for another file to include paths.

.secretsignore

.git/
node_modules/
package-lock.json
yarn.lock

only include YAML files

*
!**/*.yaml

Describe alternatives you've considered

--excluded-paths

Teachability, Documentation, Adoption, Migration Strategy
@dclayton-godaddy dclayton-godaddy added the enhancement New feature or request label Oct 5, 2020
@tarkatronic tarkatronic added the design decision needed Maintainers must agree on a direction before this is worked on label Oct 5, 2020
@tarkatronic
Copy link
Contributor

I'm initially pretty hesitant to implement this. It is currently pretty well documented that these use regular expressions, and regexes are currently the convention throughout this application. For example, in the output from tartufo --help:

  -i, --include-paths FILENAME    File with regular expressions (one per
                                  line), ...
  -x, --exclude-paths FILENAME    File with regular expressions (one per
                                  line), ...

I can understand the urge to use glob-style syntax, but I think that would be overall more of a step backward than a step forward. Also, I'm pretty sure that we nowhere imply nor state that this is using glob/ignore syntax.

@dclayton-godaddy
Copy link
Contributor Author

Sure. I don't recall the last time I used a file with one path per line that was not a git-like syntax. The more we are consistent with other tools, the easier it will be to implement.

@dclayton-godaddy
Copy link
Contributor Author

To me, this is easier to read and since I know .gitignore syntax, I already know how to include files/folders. I won't accidentally put yarn.lock and forget . is a wildcard for any character.

.git/
node_modules/
package-lock.json
yarn.lock

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
design decision needed Maintainers must agree on a direction before this is worked on enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tarkatronic @dclayton-godaddy