BUG: Scanning a gitlab project with no commits crashes
ashearin opened this issue · comments
Allen Shearin commented
Describe the bug
Probably an edge case, but attempting to scan a repo with no commits fails.
$ go run main.go --repo gitlab.com/*****/test-repo
Starting [Vulnerabilities]
Starting [Dependency-Update-Tool]
Starting [Binary-Artifacts]
Starting [Maintained]
Starting [Security-Policy]
Starting [Contributors]
Starting [CII-Best-Practices]
Starting [Packaging]
Starting [Branch-Protection]
Starting [Pinned-Dependencies]
Starting [License]
Starting [Token-Permissions]
Starting [Fuzzing]
Starting [Code-Review]
Starting [Signed-Releases]
Starting [CI-Tests]
Starting [Dangerous-Workflow]
Starting [SAST]
panic: runtime error: index out of range [0] with length 0
Reproduction steps
Steps to reproduce the behavior:
- Create new GitLab repository (Do not initialize with a readme)
- Set
GITLAB_AUTH_TOKEN
(if above repo is private) - run
scorecard --repo gitlab.com/myrepo
Expected behavior
Scorecard runs/completes without error. Potentially returning a warning, but at least returning no score for anything commit based.
Additional context
Add any other context about the problem here.