izackp/takopi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: deny root-level files with default deny_globs (#216)

Browse Source
This commit is contained in:
fjolne
2026-03-02 07:51:53 +00:00
committed by GitHub
parent eedfa0bba5
commit 6cf469c8ac
2 changed files with 11 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/takopi/settings.py
+2 -2
View File
@@ -76,8 +76,8 @@ class TelegramFilesSettings(BaseModel):
".git/**", ".git/**",
".env", ".env",
".envrc", ".envrc",
"**/*.pem", "*.pem",
"**/.ssh/**", ".ssh/**",
] ]
) )
tests/test_telegram_files.py
+9
View File
@@ -6,6 +6,7 @@ from pathlib import Path
import pytest import pytest
from takopi.settings import TelegramFilesSettings
from takopi.telegram import files as tg_files from takopi.telegram import files as tg_files
from takopi.telegram.files import ZipTooLargeError, zip_directory from takopi.telegram.files import ZipTooLargeError, zip_directory
@@ -100,6 +101,14 @@ def test_deny_reason_matches_patterns() -> None:
assert tg_files.deny_reason(Path("secrets/key.pem"), ["**/*.pem"]) == "**/*.pem" assert tg_files.deny_reason(Path("secrets/key.pem"), ["**/*.pem"]) == "**/*.pem"
def test_default_deny_globs_cover_sensitive_paths() -> None:
patterns = TelegramFilesSettings().deny_globs
assert tg_files.deny_reason(Path("key.pem"), patterns) == "*.pem"
assert tg_files.deny_reason(Path(".ssh/id_rsa"), patterns) == ".ssh/**"
assert tg_files.deny_reason(Path("secrets/key.pem"), patterns) == "*.pem"
assert tg_files.deny_reason(Path("configs/.ssh/id_rsa"), patterns) == ".ssh/**"
def test_format_bytes_various_units() -> None: def test_format_bytes_various_units() -> None:
assert tg_files.format_bytes(0) == "0 b" assert tg_files.format_bytes(0) == "0 b"
assert tg_files.format_bytes(1536) == "1.5 kb" assert tg_files.format_bytes(1536) == "1.5 kb"