Removing signatures from excluded-signatures should not get flagged #201
Labels
design decision needed
Maintainers must agree on a direction before this is worked on
enhancement
New feature or request
Comments
Closed
tarkatronic
added
the
design decision needed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Feature Request
Enhance the automatic exclusion logic
Is your feature request related to a problem? Please describe.
In version 2.6 a feature was added to not flag the signatures being actively excluded by excluded-signatures in tartufo.toml (or whatever config is being used). When making a subsequent commit to staged files to remove no longer used signatures from the config file, the diff check sees the old signature and flags it (because its no longer in the excluded-signatures). This creates a catch-22 where you end up having to exclude the tartufo.toml file to get your commit to go, thus rendering the 2.6 feature moot.
Describe the solution you'd like
I would like to be able to remove signatures from the excluded signatures in the tartufo.toml file and not have them flagged because they are no longer in the new version of the tartufo.toml file.
Possible drawbacks may be the difficulty in examining the previous version of the file.
Describe alternatives you've considered
An alternative solution is to just not do a scan on the tartufo.toml (or whatever config file is being actively picked up in the scan). If backwards compatibility here is a problem an argument could be set in the pre-commit yml to "ignoreConfig" or something like that.
Teachability, Documentation, Adoption, Migration Strategy
Documentation of any new flags or behavior would be needed.
The text was updated successfully, but these errors were encountered: