Giters

Samsung / CredSweeper

CredSweeper is a tool to detect credentials in any directories or files. CredSweeper could help users to detect unwanted exposure of credentials (such as token, passwords, api keys etc.) in advance. By scanning lines, filtering, and using AI model as option, CredSweeper reports lines with possible credentials, where the line is, and expected type o

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

VCS checks fail on main branch

csh519 opened this issue · comments

commented

VCS checks is continuously failing.

@babenek could you please check this issue?

commented

I think it occurred from below code block.
It seems github.event.pull_request.base.repo.releases_url return empty string when PR merged.
So it would be better to make other option for main branch or fix running condition of checks i think.

CredSweeper/.github/workflows/vcs.yml

Lines 29 to 34 in 881b688

API_RELEASE_URL=$(echo "${{ github.event.pull_request.base.repo.releases_url }}")
echo "'${API_RELEASE_URL}'" # dbg
API_RELEASE_URL=$(echo "${API_RELEASE_URL}" | sed 's|.....$||')
echo "'${API_RELEASE_URL}'" # dbg
API_RELEASE_URL=$(echo "${API_RELEASE_URL}/latest")
echo "'${API_RELEASE_URL}'" # dbg

commented

It might fail in forked repositories due they have no releases.
You can fix it with creating personal release in your fork e.g. for version 1.3.0.
Note: 1.1.0 is not suitable due has parallel branch.
I fixed with dummy release from initial commit for my fork.

commented

Oh It was not regarding forked repositories, it occurs in main branch of CredSweeper.
VCS checks

commented

It happens in forked repositories too if actions are enabled.
PR #128 will fix it in main, but might happen in forks.