gitleaks: v7.6.0 makes a 'could not generate Patch' error

Describe the bug

When using the newest GitLeaks version (v7.6.0), I now am seeing a new error:

time="2021-09-08T15:37:19Z" level=info msg="opening ./\n"
time="2021-09-08T15:37:20Z" level=info msg="scan time: 1 second 67 milliseconds 150 microseconds"
time="2021-09-08T15:37:20Z" level=error msg="could not generate Patch"

Here’s the run with v7.6.0: https://github.com/emmahsax/emmahsax.github.io/runs/3546589868?check_suite_focus=true

Here’s the same run with v7.5.0: https://github.com/emmahsax/emmahsax.github.io/runs/3546602697?check_suite_focus=true

To get this, I’m running it with a --path='./' flag, and I’m passing in an additional config with a list of commits with the --commits flag.

cc @zricethezav

About this issue

  • State: closed
  • Created 3 years ago
  • Reactions: 3
  • Comments: 27 (16 by maintainers)

Most upvoted comments

@emmahsax, nothing more than we saw earlier. --verbose didn’t add details to the output.

$ gitleaks --path=my-repo/ --verbose --debug
INFO[0000] opening my-repo/                             
ERRO[0011] could not generate Patch                     
ERRO[0096] could not generate Patch                     
ERRO[0108] could not generate Patch                     
ERRO[0135] object not found                             
INFO[0135] scan time: 2 minutes 15 seconds 799 milliseconds 811 microseconds 
INFO[0135] commits scanned: 206                         
INFO[0135] No leaks found            

@cyrusmatsumori Maybe the --verbose flag? It may give a little more than what you’ve got now?

@w0rmr1d3r I’ve been unable to get it to trigger locally. However, @cyrusmatsumori and @ashokm may have been able to get it to consistently trigger locally.

I’ve found that if the commit is a pretty large one (like a package-lock.json file being committed/updated) this error occurs. Perhaps this problem is related to https://github.com/zricethezav/gitleaks/pull/414?

@zricethezav I’m continuing to run into similar issues, but this time on GitLab CI:

time="2021-09-28T16:36:02Z" level=info msg="opening ./\n"
time="2021-09-28T16:36:04Z" level=info msg="scan time: 1 second 376 milliseconds 905 microseconds"
time="2021-09-28T16:36:04Z" level=error msg="could not generate Patch"

I’ve tried removing the / in the --path (same error), changing it from single-quotes to double-quotes (gitleaks ignored my commits because it couldn’t find the object, which implied the commits weren’t being interpolated correctly). I, again, think the path isn’t being set properly. Lastly, it’s again just an issue with >= v7.6.0, so version 7.5.0 continues to work as expected.

gitleaks:
  image:
    name: zricethezav/gitleaks
    entrypoint: [""]
  variables:
    GIT_DEPTH: ''
  script: |
    commits=$(git rev-list $CI_COMMIT_SHA \
      ^origin/$CI_MERGE_REQUEST_TARGET_BRANCH_NAME \
      | sed 's/^\|$//g' | paste -sd, -
    )
    gitleaks --verbose --path="./" --commits="$commits" --additional-config=".gitlab/ci/gitleaks.toml"
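
A pre-flight check for a CI job like the one above, as an added example that is not part of the original thread or of the gitleaks project: it builds the --commits value from `git rev-list` output and stops before the scan if an entry is not a full commit id (for instance an unexpanded variable after a quoting change) or is missing from the object database (for instance in a shallow clone). The function names and the usage shown in the comments are assumptions for illustration, and 40-character SHA-1 ids are assumed.

```shell
#!/bin/sh
# Added example: validate the commit list before passing it to gitleaks --commits.
# join_commits and check_objects are hypothetical helper names, not gitleaks code.

# Read one commit id per line on stdin (the format `git rev-list` prints),
# reject anything that is not a full 40-hex id, and print a comma-joined list.
join_commits() {
    list=""
    while IFS= read -r sha; do
        [ -z "$sha" ] && continue
        case "$sha" in
            *[!0-9a-f]*) echo "not a commit id: $sha" >&2; return 1 ;;
        esac
        [ "${#sha}" -eq 40 ] || { echo "abbreviated id: $sha" >&2; return 1; }
        list="${list:+$list,}$sha"
    done
    [ -n "$list" ] || { echo "empty commit list" >&2; return 1; }
    printf '%s\n' "$list"
}

# Confirm that every id in the comma-separated list $2 resolves to a commit
# object in the repository at $1, so a missing object is reported by name
# before the scanner runs.
check_objects() {
    repo=$1
    ids=$2
    for sha in $(printf '%s' "$ids" | tr ',' ' '); do
        git -C "$repo" cat-file -e "${sha}^{commit}" 2>/dev/null ||
            { echo "object not found: $sha" >&2; return 1; }
    done
}

# Possible use in the job's script section (variables as in the job above):
#   commits=$(git rev-list "$CI_COMMIT_SHA" \
#     "^origin/$CI_MERGE_REQUEST_TARGET_BRANCH_NAME" | join_commits) || exit 1
#   check_objects . "$commits" || exit 1
#   gitleaks --verbose --path="./" --commits="$commits" \
#     --additional-config=".gitlab/ci/gitleaks.toml"
```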