GitHub action on pull_request keep on scanning previous commits #130
Comments
|
You need to rewrite your commit history to remove whatever commit added the offending secret. Adding an additional commit that removes the secrets again isn't enough as the secrets will still be in your git commit history. |
|
I didn't get that I need to rewrite the commit history? |
|
How to make gitleaks on pull request to scan only the latest commits |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi I have tried this workflow yaml in GitHub action
name: gitleaks
on: [pull_request, workflow_dispatch]
jobs:
scan:
name: gitleaks
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- uses: gitleaks/gitleaks-action@v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE}} #
But this workflow keep on scanning previous commits and finding the secrets which I have already deleted in the previous commits. How to make above yaml to scan only the latest commit
The text was updated successfully, but these errors were encountered: