Skip to content

fix

fix #510

Workflow file for this run

name: Security Checks
on:
push:
permissions:
contents: read
jobs:
trufflehog:
runs-on: ubuntu-latest
steps:
- shell: bash
run: |
if [ "$EVENT_NAME" == "push" ]; then
echo "depth=$($(jq length <<< $COMMITS) + 2)" >> $GITHUB_ENV
echo "branch=$REF_NAME" >> $GITHUB_ENV
fi
if [ "$EVENT_NAME" == "pull_request" ]; then
echo "depth=$($PR_COMMITS+2)" >> $GITHUB_ENV
echo "branch=$PR_REF" >> $GITHUB_ENV
fi
env:
REF_NAME: ${{ github.ref_name }}
EVENT_NAME: ${{ github.event_name }}
COMMITS: ${{ toJson(github.event.commits) }}
PR_REF: ${{ github.event.pull_request.head.ref }}
PR_COMMITS: ${{ github.event.pull_request.commits }}
- name: Checkout code
uses: actions/checkout@v4
with:
ref: ${{env.branch}}
fetch-depth: ${{env.depth}}
- name: Scan for secrets
uses: trufflesecurity/trufflehog@main