Skip to content

Handle invalid YAML timestamps during scan#970

Open
KairosOps wants to merge 1 commit into
Yelp:masterfrom
KairosOps:fix/handle-invalid-yaml-date
Open

Handle invalid YAML timestamps during scan#970
KairosOps wants to merge 1 commit into
Yelp:masterfrom
KairosOps:fix/handle-invalid-yaml-date

Conversation

@KairosOps

Copy link
Copy Markdown

Fixes #584.

PyYAML raises a plain ValueError while constructing some malformed timestamps, for example 0000-01-01. The YAML transformer only converted yaml.YAMLError into ParsingError, so that constructor failure could escape the transformer and crash detect-secrets scan --all-files instead of falling back to the normal line scanner.

This treats that parse-time ValueError the same way as other YAML parsing failures. The transformer now raises ParsingError, get_transformed_file() ignores the failed structured transform, and scanning can continue over the raw file contents.

Checked:

  • python -m py_compile detect_secrets\transformers\yaml.py tests\transformers\yaml_transformer_test.py tests\core\scan_test.py
  • python -m pytest tests\transformers\yaml_transformer_test.py tests\core\scan_test.py -q
  • python -m flake8 --select=E9,F63,F7,F82 detect_secrets\transformers\yaml.py tests\transformers\yaml_transformer_test.py tests\core\scan_test.py
  • git diff --check

I also tried a wider nearby test set including tests/core/secrets_collection_test.py; that surfaced an unrelated existing assertion where test_data/config.md produced no detected secrets in this local environment. Full-file flake8 also reports many pre-existing E501 line-length violations in these files, so I kept the lint check scoped to syntax/undefined-name failures for this small patch.

@KairosOps KairosOps marked this pull request as ready for review June 21, 2026 03:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

detect-secrets scan --all-files returns ValueError: year 0 is out of range

1 participant