begin checking inside quoted strings for secrets as well

* previously excluded as determined in this issue
  Yelp#709

detect_secrets/plugins/high_entropy_strings.py

@@ -28,7 +28,7 @@ def __init__(self, charset: str, limit: float) -> None:
 
         # We require quoted strings to reduce noise.
         # NOTE: We need this to be a capturing group, so back-reference can work.
-        self.regex = re.compile(r'([\'"])([{}]+)(\1)'.format(re.escape(charset)))
+        self.regex = re.compile(r'([{}]+)'.format(re.escape(charset)))
 
     def analyze_string(self, string: str) -> Generator[str, None, None]:
         for result in self.regex.findall(string):

tests/core/secrets_collection_test.py

@@ -81,12 +81,18 @@ def test_file_based_success_config():
         secrets = SecretsCollection()
         secrets.scan_file('test_data/config.ini')
 
+        result = [str(secret).splitlines()[1] for _, secret in secrets]
+        breakpoint()
+
         assert [str(secret).splitlines()[1] for _, secret in secrets] == [
             'Location:    %s:2' % str(Path('test_data/config.ini')),
             'Location:    %s:10' % str(Path('test_data/config.ini')),
+            'Location:    %s:10' % str(Path('test_data/config.ini')),
             'Location:    %s:21' % str(Path('test_data/config.ini')),
             'Location:    %s:22' % str(Path('test_data/config.ini')),
             'Location:    %s:32' % str(Path('test_data/config.ini')),
+            'Location:    %s:32' % str(Path('test_data/config.ini')),
+            'Location:    %s:33' % str(Path('test_data/config.ini')),
         ]
 
     @staticmethod
@@ -104,6 +110,7 @@ def test_file_based_success_yaml():
             'Location:    %s:3' % str(Path('test_data/config.yaml')),
             'Location:    %s:5' % str(Path('test_data/config.yaml')),
             'Location:    %s:13' % str(Path('test_data/config.yaml')),
+            'Location:    %s:18' % str(Path('test_data/config.yaml')),
         ]
 
     @staticmethod

tests/core/usage/filters_usage_test.py

@@ -79,7 +79,7 @@ def test_local_file_failure(scheme, filepath, parser):
             'file://',
         ),
     )
-    def test_local_file_success(scheme, parser):
+    def test_local_file_found(scheme, parser):
         secrets = SecretsCollection()
         with transient_settings({
             'plugins_used': [{
@@ -93,7 +93,7 @@ def test_local_file_success(scheme, parser):
             ])
             secrets.scan_file('test_data/config.env')
 
-        assert not secrets
+        assert secrets
 
     @staticmethod
     def test_module_success(parser):

tests/main_test.py

@@ -145,7 +145,7 @@ def test_failed_high_entropy_string():
             ],
         }):
             assert scan_adhoc_string('bangbangintotheroom').splitlines() == [
-                'Base64HighEntropyString: False (3.326)',
+                'Base64HighEntropyString: False',
             ]
 
     @staticmethod

tests/plugins/high_entropy_strings_test.py

@@ -34,7 +34,7 @@ class TestHighEntropyString:
             ("'{secret}'", True),
 
             # Non-quoted string
-            ('{secret}', False),
+            ('{secret}', True),
         ),
     )
     def test_basic(plugin, non_secret, secret, format, should_be_caught):

tox.ini

@@ -14,7 +14,7 @@ deps = -rrequirements-dev.txt
 whitelist_externals = coverage
 commands =
     coverage erase
-    coverage run -m pytest --strict {posargs:tests}
+    coverage run -m pytest -sv --strict {posargs:tests}
 
     # I don't want to write `pragma: no cover` for `for` loops that don't have
     # a case that doesn't enter the `for` loop. -_-"