coryHawkvelt/gatehouse-ui
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ci: scan range histories
PR -> develop / Scan for secrets (Gitleaks) (pull_request) Successful in 4s
Details
PR -> develop / Scan for CVEs (Trivy) (pull_request) Failing after 3s
Details

Browse Source
This commit is contained in:
sangnn
2026-06-23 02:37:55 +00:00
parent be5abaec51
commit 9ac1eba4bf
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/pr-security-check.yml
+5 -1
View File
@@ -33,7 +33,11 @@ jobs:
mv gitleaks /usr/local/bin/gitleaks mv gitleaks /usr/local/bin/gitleaks
- name: Run secret scan - name: Run secret scan
run: gitleaks detect --source . --exit-code 1 --redact --verbose --log-level debug # Scan only the commits this PR introduces (base..head), not the whole history.
run: |
gitleaks detect --source . \
--log-opts="${{ github.event.pull_request.base.sha }}..${{ github.event.pull_request.head.sha }}" \
--exit-code 1 --redact --verbose --log-level debug
# ── 2. CVE scan ─────────────────────────────────────────────────────────────── # ── 2. CVE scan ───────────────────────────────────────────────────────────────
trivy: trivy: