From 4b5f8de1c10a655c4b5b1ad2ac3da608b3dce4d5 Mon Sep 17 00:00:00 2001
From: Michael Dowling <mtdowling@gmail.com>
Date: Wed, 26 Oct 2016 10:42:18 -0700
Subject: [PATCH] Exclude empty provider output. Closes #34

---
 git-secrets           |  9 ++++++---
 test/git-secrets.bats | 12 ++++++++++++
 2 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/git-secrets b/git-secrets
index 6d11619..b889b5f 100755
--- a/git-secrets
+++ b/git-secrets
@@ -49,7 +49,11 @@ load_patterns() {
   git config --get-all secrets.patterns
   # Execute each provider and use their output to build up patterns
   git config --get-all secrets.providers | while read -r cmd; do
-    echo "$(export IFS=$'\n\t '; $cmd)"
+    local result="$(export IFS=$'\n\t '; $cmd)"
+    # Do not add empty lines from providers as that would match everything.
+    if [ -n "${result}" ]; then
+      echo "$result"
+    fi
   done
 }
 
@@ -65,8 +69,7 @@ load_allowed() {
 load_combined_patterns() {
   local patterns=$(load_patterns)
   local combined_patterns=''
-  for pattern in $patterns
-  do
+  for pattern in $patterns; do
     combined_patterns=${combined_patterns}${pattern}"|"
   done
   combined_patterns=${combined_patterns%?}
diff --git a/test/git-secrets.bats b/test/git-secrets.bats
index fe02e8c..52aab22 100644
--- a/test/git-secrets.bats
+++ b/test/git-secrets.bats
@@ -299,6 +299,18 @@ load test_helper
   echo "$output" | grep -F 'bam'
 }
 
+@test "Strips providers that return nothing" {
+  repo_run git-secrets --add-provider -- 'echo'
+  [ $status -eq 0 ]
+  repo_run git-secrets --add-provider -- 'echo 123'
+  [ $status -eq 0 ]
+  repo_run git-secrets --list
+  echo "$output" | grep -F 'echo 123'
+  echo 'foo' > $TEST_REPO/bad_file
+  repo_run git-secrets --scan $TEST_REPO/bad_file
+  [ $status -eq 0 ]
+}
+
 @test "--recursive cannot be used with SCAN_*" {
   repo_run git-secrets --scan -r --cached
   [ $status -eq 1 ]