Comments (7)
niall-byrne
commented on June 6, 2024
This is totally possible, I believe you can control the number of commits you check out with actions/checkout@v2.
from gitleaks-action.
stone-z
commented on June 6, 2024
This is totally possible, I believe you can control the number of commits you check out with actions/checkout@v2.
For sure, I think the question still remains how to determine how many commits to check out. If the commits are known, we could also use the same approach as is used for PRs (with the commit list). But a user could push arbitrarily many commits in a single push, and I haven't yet managed to find a git- or GitHub-native way to see what they are.
from gitleaks-action.
niall-byrne
commented on June 6, 2024
https://github.community/t/how-to-get-all-pushed-commit-information/116861/3
from gitleaks-action.
stone-z
commented on June 6, 2024
๐ฎ yeah that looks like it should work. I'll cook up a PR. Thanks!
from gitleaks-action.
crazy-matt
commented on June 6, 2024
I believe the scan is performed on all branches as the gitleaks action does not allow to pass the --branch parameter to narrow down the scan. Which leads to some issues on the push event when working as a team with multiple feature branches.
from gitleaks-action.
crazy-matt
commented on June 6, 2024
โ๐ผ potential fix: #38
from gitleaks-action.
zricethezav
commented on June 6, 2024
Hi @stone-z as you already know, we released version 2.0 which fixes this problem. Only relevant commits will be scanned.
from gitleaks-action.
Related Issues (20)
- Action not working on reusable workflows HOT 1
- Gitleaks Summary Generated Urls Broken
- incorrectly constructed download URL for some architectures HOT 1
- Problem when adding workflow_dispatch
- Failed with Self hosted GitHub Runner HOT 3
- Can't use 'tar -xzf' extract archive file. return code: 2. HOT 2
- Can not install gitleaks for selfhosted runner (Destination file path /tmp/gitleaks.tmp already exists) HOT 1
- GITLEAKS_NOTIFY_USER_LIST - does not work while setting up the workflow as a reusable workflow HOT 1
- License key validation failed all of a sudden HOT 1
- GitHub action on pull_request keep on scanning previous commits HOT 3
- GitHub Action does not apply gitleaks.toml rules
- Not possible to apply GITLEAKS_NOTIFY_USER_LIST HOT 3
- ะกanโt get the artifact after completing the gitleaks step
- Error During CI HOT 7
- [ORG] is an organization. License key is required. undefined:1 HOT 5
- New release for `node20` update HOT 8
- Enhancement | GITLEAKS_NOTIFY_USER_LIST to use GitHub Teams
- Setting baseline path in gihub actions
- gitleaks result output path
- does not see unencrypted secrets in the organization
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gitleaks-action.