python代码 检查文件里面有没有密码之类
# # 遍历文件,查看文件里面有没有密码之类的要隐藏,python代码
ignore_patterns=['password = #',"password=#",'test="password',"#{password,jdbcType=VARCHAR}",
"item.password","#{password}","password,real_name",]
def has_pattern(line,ignore_patterns):
for ignore_pattern in ignore_patterns:
if ignore_pattern in line:
return True
return False
err_list=[]
def get_context(lines, line_num, context_length):
start_line = max(0, line_num - context_length)
end_line = min(len(lines), line_num + context_length)
context = lines[start_line:end_line]
return ''.join(context)
def get_context_chars(line, keyword, context_length=50):
keyword_index = line.find(keyword)
if keyword_index != -1:
start_index = max(0, keyword_index - context_length)
end_index = min(len(line), keyword_index + len(keyword) + context_length)
context = line[start_index:end_index]
# print(context)
return context
return None
def check_file_for_sensitive_info(file_path, sensitive_keywords):
try:
have_sensitive = False
with open(file_path, 'r', encoding="utf-8") as file:
for line_num, line in enumerate(file, start=1):
for keyword in sensitive_keywords:
if keyword in line:
should_xzs=" xzs " in line or "-xzs" in line or "xzs-" in line
if keyword=="xzs" and not should_xzs:
continue
if has_pattern(line,ignore_patterns):
continue
print(f"{file_path}:{line_num}")
context_chars=get_context_chars(line, keyword, context_length=50)
print(context_chars.strip())
have_sensitive = True
return have_sensitive
except Exception as e:
err_list.append({
"file_path":file_path,
"erorr":e
})
return False
import os
def traverse_directory(directory_path, sensitive_keywords, ignore_dirs=[]):
for root, dirs, files in os.walk(directory_path):
dirs[:] = [d for d in dirs if d not in ignore_dirs]
for file in files:
file_path = os.path.join(root, file)
if check_file_for_sensitive_info(file_path, sensitive_keywords):
pass
import json_util
sesentive_words_path=rf'D:\home\app\private-conf\sesentive_words.json'
conf=json_util.file_path_to_dict(sesentive_words_path)
directory_path = rf'D:\proj\python\st-util'
def is_have_idea(directory_path):
gitignore_file_path=os.path.join(directory_path,".gitignore")
if os.path.exists(gitignore_file_path):
with open(gitignore_file_path, 'r',encoding="utf-8") as file:
gitignore_data=file.read()
if ".idea" in gitignore_data:
return True
pass
return False
sensitive_keywords =conf.get("sesentive_words")
# 要忽略的目录列表
is_have_idea_yes=is_have_idea(directory_path=directory_path)
ignore_dirs = ['__pycache__','.git',"node_modules","target"]
if is_have_idea_yes:
ignore_dirs.append('.idea')
traverse_directory(directory_path, sensitive_keywords, ignore_dirs)
{
"sesentive_words": ["你的某些密码之类不适合git commit的东西"]
}