gitleaksignore file fingerprint issue after pull request squash and merge
Rajalakshmiselvaraj-alation opened this issue · comments
Scenario:
Once a false positive secret is detected in a pull request, the fingerprint is added to the `.gitleaksignore` file. This fingerprint references a PR commit.
The pull request is then merged to the `main` branch with the **squash and merge** option. Now the PR commit information is lost and the information in the `.gitleaksignore` file becomes stale.
When gitleaks is run on the `main` branch, the leaks are reported again as the commit information in the `.gitleaksignore` file is different.
Additional context
https://github.com/gitleaks/gitleaks/actions/runs/5259249899
The same issue has happened in this repository as well.
cc @zricethezav
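One way to catch the stale entries described in this issue before they resurface as findings, as an added example that is not part of the original report or the gitleaks code base: it lists `.gitleaksignore` fingerprints pinned to a commit that is not reachable from the scanned branch. It assumes the `commit:file:rule-id:line` fingerprint layout and that blank lines and `#` comments are skipped; the function names, SHAs and file paths are constructed for illustration.

```python
import re
import subprocess

SHA_RE = re.compile(r"^[0-9a-f]{40}$")

def parse_fingerprint(line):
    """Split one ignore line; commit is None for fingerprints without a SHA."""
    text = line.strip()
    if not text or text.startswith("#"):
        return None
    parts = text.split(":")
    if len(parts) >= 4 and SHA_RE.match(parts[0]):
        # File paths may contain ':', so take rule and line from the right.
        return {"commit": parts[0], "file": ":".join(parts[1:-2]),
                "rule": parts[-2], "line": parts[-1], "raw": text}
    return {"commit": None, "raw": text}

def branch_commits(repo, branch):
    """SHAs reachable from `branch`, i.e. the commits a scan of it visits."""
    out = subprocess.run(["git", "-C", repo, "rev-list", branch],
                         check=True, capture_output=True, text=True).stdout
    return set(out.split())

def stale_entries(ignore_text, reachable):
    """Entries pinned to a commit that is not reachable from the branch."""
    parsed = (parse_fingerprint(l) for l in ignore_text.splitlines())
    return [fp for fp in parsed
            if fp and fp["commit"] and fp["commit"] not in reachable]

# Constructed sample: PR_SHA was replaced by SQUASH_SHA at merge time.
PR_SHA = "a" * 40
SQUASH_SHA = "b" * 40
OLD_SHA = "c" * 40
SAMPLE_IGNORE = f"""# false positives
{PR_SHA}:config/test_fixture.yaml:generic-api-key:12
{OLD_SHA}:docs/example.md:generic-api-key:7
"""
SAMPLE_MAIN = {SQUASH_SHA, OLD_SHA}

if __name__ == "__main__":
    # Against a real checkout: stale_entries(text, branch_commits(".", "main"))
    for fp in stale_entries(SAMPLE_IGNORE, SAMPLE_MAIN):
        print("stale:", fp["raw"])
```

Run as a CI step on the default branch, a non-empty result points at ignore entries that need to be regenerated against the squash commit.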