ggshield icon indicating copy to clipboard operation
ggshield copied to clipboard

Published 20 hours ago verified publisher icon GitGuardian

ggshield pre-push scans more commits than necessary

Open agateau-gg opened this issue 2 years ago • 1 comments

GitGuardian Shield Version

  • 1.12.0

Describe the bug

When scanning a new branch, ggshield pre-push hook is not able to detect the branch start and resort to scanning the last N commits (N being 50 by default).

Expected behavior

The hook should only scan the commits between the branch start and the HEAD.

pre-commit supports this (see https://github.com/pre-commit/pre-commit/blob/bdc08d828591b90a3371f6abbaec325a0f36b79d/pre_commit/commands/hook_impl.py#L134). ggshield should do something similar.

TODO

  • [ ] Fix the bug for pre-push
  • [ ] See if the fix can also be applied to pre-receive. If it's simple: fix it. If it's not, open an issue to fix this on pre-receive.

The attached script (repro-git-push-new-branch.zip) makes it easy to reproduce the bug.

agateau-gg avatar Jul 19 '22 10:07 agateau-gg

Can you also test this use case on tagging as well

donald-ngo avatar Sep 08 '22 17:09 donald-ngo