--first-parent command not working

[adtyarai]

When the gitleaks-action workflow is executed through github workflows then internally it executes the command
/tmp/gitleaks-8.16.1/gitleaks detect --redact -v --exit-code=2 --report-format=sarif --report-path=results.sarif --log-level=debug --log-opts=--no-merges --first-parent e73a44d998131a96a95fd00b6be333ad5bb3dc09^..3d6334b5a261445b324da6cc29f5e35f81efb269

But when I'm executing this command directly I'm getting this error:
gitleaks detect --redact -v --exit-code=2 --log-level=debug --log-opts=--no-merges --first-parent 'e73a44d998131a96a95fd00b6be333ad5bb3dc09^..20849092156b04953da6648b9f07bd7d53ab13d7'
Error: unknown flag: --first-parent
Usage:
gitleaks detect [flags]

I need to understand why this --first-parent flag is not available for me or is their a workaround which I can try?
I've downloaded the same gitleaks version.

[pzarfos]

Can you try making another commit and pushing it?

I had the same error when adding gitleaks to a new repo. It failed the first time, but after another commit and a push, gitleaks scanned just fine.

The issue seems to be in this section of code, where it is comparing baseRef and headRef:

• https://github.com/gitleaks/gitleaks-action/blob/master/src/gitleaks.js#L103-L117

If baseRef and headRef are not equal it uses that revision syntax of hash^..hash
...and I think the ^ syntax is causing the error.

To be honest, I'm not sure if this is an issue with the code, or if we did not set our HEAD properly in Github.

Can one of the maintainers weigh in on this one?

[adtyarai]

Hi @pzarfos
I tried this but still it is unable to recognise --first-parent flag.

Can someone from the gitleaks contributer check this?