Skip to content

trufflehog/3.88.13 package update #43599

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
OddBloke merged 3 commits into from
Feb 26, 2025
Merged

trufflehog/3.88.13 package update #43599

OddBloke merged 3 commits into from
Feb 26, 2025

Conversation

@octo-sts
Copy link
Contributor

@octo-sts octo-sts bot commented Feb 24, 2025

@wolfi-bot
trufflehog/3.88.13 package update
3bd3925 
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
@octo-sts octo-sts bot added request-version-update request for a newer version of a package automated pr labels Feb 24, 2025
@octo-sts
Copy link
Contributor Author

octo-sts bot commented Feb 24, 2025

⚠️ EXPERIMENTAL

Please use 👍 or 👎 on this comment to indicate if you agree or disagree with the recommendation.

To provide more detailed feedback please comment on the recommendation prefixed with /ai-verify:

e.g. /ai-verify partially helpful but I also added bash to the build environment

Gen AI suggestions to solve the build error:

Based on the error output, I can provide a specific analysis and solution:

• Detected Error:

warning: Could not find remote branch v3.88.13 to clone.
fatal: Remote branch v3.88.13 not found in upstream origin

• Error Category: Version/Git Tag

• Failure Point:
The git-checkout step failed when attempting to clone the specific version tag

• Root Cause Analysis:
The error occurs because the git-checkout step is trying to use v3.88.13 as a branch name instead of a tag. Based on the repository's tag naming convention, there might be a mismatch between the actual tag in the repository and what we're trying to checkout.

• Suggested Fix:
Modify the git-checkout step in the melange YAML to use either:

  - uses: git-checkout
    with:
      repository: https://github.com/trufflesecurity/trufflehog
      tag: v3.88.13
      expected-commit: 03e8af1075a7f7410664de9f6a1101268c9c8c92

Or verify the correct tag exists in the repository and update to match the actual tag name.

• Explanation:
The issue appears to be a tag naming convention mismatch. The git-checkout action is looking for the exact tag name, and if the repository uses a different format (like without the 'v' prefix or a different version number), the checkout will fail.

• Additional Notes:

  1. You can verify the correct tag by checking:
  2. The expected-commit hash should match the commit that the tag points to

• References:

@octo-sts octo-sts bot added the ai/skip-comment Stop AI from commenting on PR label Feb 24, 2025
@hbh7 hbh7 self-assigned this Feb 25, 2025
@octo-sts octo-sts bot added the bincapz/pass bincapz/pass Bincapz (aka. malcontent) scan didn't detect any CRITICALs on the scanned packages. label Feb 26, 2025
@hbh7 hbh7 requested a review from a team February 26, 2025 17:38
@OddBloke OddBloke merged commit a48f0e9 into main Feb 26, 2025
22 checks passed
@OddBloke OddBloke deleted the wolfictl-d6645947-d155-45fd-95b1-dbbbfac8f139 branch February 26, 2025 18:06
@octo-sts octo-sts bot mentioned this pull request May 21, 2025
Merged
This was referenced May 29, 2025
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@OddBloke OddBloke OddBloke approved these changes

Assignees

@hbh7 hbh7

Labels

ai/skip-comment Stop AI from commenting on PR automated pr bincapz/pass bincapz/pass Bincapz (aka. malcontent) scan didn't detect any CRITICALs on the scanned packages. manual/review-needed request-version-update request for a newer version of a package

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@OddBloke @hbh7 @wolfi-bot @AmberArcadia