I wasn't sure if I should report this here or in gitleaks/gitleaks; since I'm seeing this in the action, I decided to do it here.
Prior to version 8.23.2 of gitleaks, when running the gitleaks action on a PR, it only checked the commits from the PR; starting with 8.23.2, it's checking the entire repo history, which for us is unnecessary.
Here are the logs from the same PR using the 2 different versions:
8.23.1
Run gitleaks/gitleaks-action@v2
env:
GITHUB_TOKEN: ***
GITLEAKS_ENABLE_COMMENTS: true
GITLEAKS_ENABLE_SUMMARY: true
GITLEAKS_ENABLE_UPLOAD_ARTIFACT: false
GITLEAKS_LICENSE: ***
GITLEAKS_NOTIFY_USER_LIST:
GITLEAKS_VERSION: 8.23.1
[teamexos] is an organization. License key is required.
gitleaks version: 8.23.1
Version to install: 8.23.1 (target directory: /tmp/gitleaks-8.23.1)
Downloading gitleaks from https://github.com/zricethezav/gitleaks/releases/download/v8.23.1/gitleaks_8.23.1_linux_x64.tar.gz
/usr/bin/tar xz --warning=no-unknown-keyword --overwrite -C /tmp/gitleaks-8.23.1 -f /tmp/gitleaks.tmp
/usr/bin/tar --posix -z -cf cache.tgz -P -C /home/runner/work/prince-backend/prince-backend --files-from manifest.txt
Cache Size: ~5 MB (5304520 B)
Cache saved successfully
event type: pull_request
gitleaks cmd: gitleaks detect --redact -v --exit-code=2 --report-format=sarif --report-path=results.sarif --log-level=debug --log-opts=--no-merges --first-parent 6f40fa2c1fb29f5e4a4a1075e42d505cbbafdb49^..6f40fa2c1fb29f5e4a4a1075e42d505cbbafdb49
/tmp/gitleaks-8.23.1/gitleaks detect --redact -v --exit-code=2 --report-format=sarif --report-path=results.sarif --log-level=debug --log-opts=--no-merges --first-parent 6f40fa2c1fb29f5e4a4a1075e42d505cbbafdb49^..6f40fa2c1fb29f5e4a4a1075e42d505cbbafdb49
○
│╲
│ ○
○ ░
░ gitleaks
6:49PM DBG no gitleaks config found in path .gitleaks.toml, using default gitleaks config
6:49PM DBG found .gitleaksignore file: .gitleaksignore
6:49PM DBG found .gitleaksignore file: .gitleaksignore
6:49PM DBG executing: /usr/bin/git -C . log -p -U0 --no-merges --first-parent 6f40fa2c1fb29f5e4a4a1075e42d505cbbafdb49^..6f40fa2c1fb29f5e4a4a1075e42d505cbbafdb49
6:49PM INF 1 commits scanned.
6:49PM DBG Note: this number might be smaller than expected due to commits with no additions
6:49PM INF scanned ~467 bytes (467 bytes) in 6.24ms
6:49PM INF no leaks found
✅ No leaks detected
8.23.2
Run gitleaks/gitleaks-action@v2
env:
GITHUB_TOKEN: ***
GITLEAKS_ENABLE_COMMENTS: true
GITLEAKS_ENABLE_SUMMARY: true
GITLEAKS_ENABLE_UPLOAD_ARTIFACT: false
GITLEAKS_LICENSE: ***
GITLEAKS_NOTIFY_USER_LIST:
GITLEAKS_VERSION: latest
[teamexos] is an organization. License key is required.
gitleaks version: 8.23.2
Version to install: 8.23.2 (target directory: /tmp/gitleaks-8.23.2)
Downloading gitleaks from https://github.com/zricethezav/gitleaks/releases/download/v8.23.2/gitleaks_8.23.2_linux_x64.tar.gz
/usr/bin/tar xz --warning=no-unknown-keyword --overwrite -C /tmp/gitleaks-8.23.2 -f /tmp/gitleaks.tmp
/usr/bin/tar --posix -z -cf cache.tgz -P -C /home/runner/work/prince-backend/prince-backend --files-from manifest.txt
Cache Size: ~5 MB (5309230 B)
Cache saved successfully
event type: pull_request
gitleaks cmd: gitleaks detect --redact -v --exit-code=2 --report-format=sarif --report-path=results.sarif --log-level=debug --log-opts=--no-merges --first-parent 6f40fa2c1fb29f5e4a4a1075e42d505cbbafdb49^..6f40fa2c1fb29f5e4a4a1075e42d505cbbafdb49
/tmp/gitleaks-8.23.2/gitleaks detect --redact -v --exit-code=2 --report-format=sarif --report-path=results.sarif --log-level=debug --log-opts=--no-merges --first-parent 6f40fa2c1fb29f5e4a4a1075e42d505cbbafdb49^..6f40fa2c1fb29f5e4a4a1075e42d505cbbafdb49
○
│╲
│ ○
○ ░
░ gitleaks
6:13PM DBG using github.com/wasilibs/go-re2 regex engine
6:13PM DBG no gitleaks config found in path .gitleaks.toml, using default gitleaks config
6:13PM DBG found .gitleaksignore file: .gitleaksignore
6:13PM DBG found .gitleaksignore file: .gitleaksignore
6:13PM DBG executing: /usr/bin/git -C . log -p -U0 --full-history --all
6:13PM DBG SCM platform parsed from host host=github.com platform=github
...
6:14PM INF 10020 commits scanned.
6:14PM DBG Note: this number might be smaller than expected due to commits with no additions
6:14PM INF scanned ~84900274 bytes (84.90 MB) in 22.9s
...
All secrets that have been leaked will be reported in the summary and job artifact.
Warning: 🛑 Leaks detected, see job summary for details
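An added example, not part of the original issue or of the gitleaks project: a check a CI job could run over the debug log to confirm that the `git log` command gitleaks executed still carries the `--log-opts` the action requested. The sample lines are trimmed from the two logs above; `scan_scope` and its status names are hypothetical.

```python
import re

# Sample input: lines trimmed from the two debug logs in the issue above.
RANGE = ("6f40fa2c1fb29f5e4a4a1075e42d505cbbafdb49^.."
         "6f40fa2c1fb29f5e4a4a1075e42d505cbbafdb49")
CMD = ("gitleaks cmd: gitleaks detect --redact -v --log-level=debug "
       f"--log-opts=--no-merges --first-parent {RANGE}")
LOG_8_23_1 = "\n".join([
    CMD,
    "6:49PM DBG executing: /usr/bin/git -C . log -p -U0 "
    f"--no-merges --first-parent {RANGE}",
    "6:49PM INF 1 commits scanned.",
])
LOG_8_23_2 = "\n".join([
    CMD,
    "6:13PM DBG executing: /usr/bin/git -C . log -p -U0 --full-history --all",
    "6:14PM INF 10020 commits scanned.",
])

# The log prints --log-opts unquoted, so its value runs to the end of the line.
REQUESTED = re.compile(r"gitleaks cmd: .*--log-opts=(?P<opts>.+)$")
EXECUTED = re.compile(r"DBG executing: \S*git\b.*? log (?P<args>.*)$")
SCANNED = re.compile(r"INF (?P<n>\d+) commits scanned")

def scan_scope(log_text):
    """Compare the requested log-opts with the git log gitleaks actually ran."""
    requested = executed = commits = None
    for line in log_text.splitlines():
        if m := REQUESTED.search(line):
            requested = m["opts"].split()
        elif m := EXECUTED.search(line):
            executed = m["args"].split()
        elif m := SCANNED.search(line):
            commits = int(m["n"])
    if requested is None or executed is None:
        status = "unknown"   # debug logging off or format changed: do not guess
    elif all(o in executed for o in requested) and "--all" not in executed:
        status = "scoped"    # every requested option reached git
    else:
        status = "widened"   # options dropped, or the whole history was walked
    missing = [o for o in (requested or []) if o not in (executed or [])]
    return {"status": status, "commits": commits, "missing_opts": missing}

if __name__ == "__main__":
    for name, log in (("8.23.1", LOG_8_23_1), ("8.23.2", LOG_8_23_2)):
        print(name, scan_scope(log))
```

The check depends on `--log-level=debug`, which the action passes in both runs shown above; without the `executing:` line it reports `unknown` rather than assuming the scope was honoured.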