Fix issue where CustomSeverities are not respected in config

Original ability was added in: #281 When trying out the functionality, it does not respect custom_severities as documented in the README. This patch addresses it by including the porting of custom severities from the the same location where other config keys are copied I've confirmed that it works both in a new test and in manual regression testing. Fixes: #364
thoughtworks · Jun 22, 2024 · 86fb979 · 86fb979
1 parent d3de10b
commit 86fb979
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 2 deletions.
diff --git a/cmd/scanner_cmd_test.go b/cmd/scanner_cmd_test.go
@@ -2,6 +2,7 @@ package main
 
 import (
 	"os"
+	"talisman/detector/severity"
 	"talisman/git_testing"
 	"talisman/talismanrc"
 	"testing"
@@ -81,8 +82,7 @@ func TestScannerCmdDetectsSecretAndIgnoresWhileRunningNormalScanMode(t *testing.
 
 		scannerCmd := NewScannerCmd(false, git.GetRoot())
 		scannerCmd.Run(&talismanrc.TalismanRC{
-			IgnoreConfigs: []talismanrc.IgnoreConfig{
-			}})
+			IgnoreConfigs: []talismanrc.IgnoreConfig{}})
 		assert.Equal(t, 1, scannerCmd.exitStatus(), "Expected ScannerCmd.exitStatus() to return 1 since secrets file ignore is enabled")
 	})
 }
diff --git a/talismanrc/talismanrc.go b/talismanrc/talismanrc.go
@@ -201,6 +201,7 @@ func fromPersistedRC(configFromTalismanRCFile *persistedRC, mode Mode) *Talisman
 	tRC.ScopeConfig = configFromTalismanRCFile.ScopeConfig
 	tRC.Experimental = configFromTalismanRCFile.Experimental
 	tRC.CustomPatterns = configFromTalismanRCFile.CustomPatterns
+	tRC.CustomSeverities = configFromTalismanRCFile.CustomSeverities
 	tRC.Experimental = configFromTalismanRCFile.Experimental
 	tRC.AllowedPatterns = make([]*regexp.Regexp, len(configFromTalismanRCFile.AllowedPatterns))
 	for i, p := range configFromTalismanRCFile.AllowedPatterns {

diff --git a/talismanrc/talismanrc_test.go b/talismanrc/talismanrc_test.go
@@ -78,6 +78,19 @@ func TestShouldConvertThresholdToValue(t *testing.T) {
 	assert.Equal(t, newPersistedRC(talismanRCContents).Threshold, severity.High)
 }
 
+func TestObeysCustomSeverityLevelsAndThreshold(t *testing.T) {
+	talismanRCContents := []byte(`threshold: high
+custom_severities:
+- detector: Base64Content
+  severity: low
+`)
+	persistedRC := newPersistedRC(talismanRCContents)
+	talismanRC := fromPersistedRC(persistedRC, ScanMode)
+	assert.Equal(t, newPersistedRC(talismanRCContents).Threshold, severity.High)
+	assert.Equal(t, len(newPersistedRC(talismanRCContents).CustomSeverities), 1)
+	assert.Equal(t, persistedRC.CustomSeverities, talismanRC.CustomSeverities)
+}
+
 func TestDirectoryPatterns(t *testing.T) {
 	assertAccepts("foo/", "", "bar", t)
 	assertAccepts("foo/", "", "foo", t)