Skip to content

TEST ONLY — verify two-pass gitleaks CI (do not merge)#20

Closed
fitz123 wants to merge 1 commit into
mainfrom
ci-test-twopass-gitleaks
Closed

TEST ONLY — verify two-pass gitleaks CI (do not merge)#20
fitz123 wants to merge 1 commit into
mainfrom
ci-test-twopass-gitleaks

Conversation

@fitz123
Copy link
Copy Markdown
Owner

@fitz123 fitz123 commented May 18, 2026

Draft to validate that fitz123/claude-code-bot#126 (two-pass gitleaks
workflow) actually runs end-to-end in CI when called by bb-dpi.

The only change in this PR is repointing pii-scan.yml at the
@gitleaks-scan-commit-messages ref of the reusable workflow.

Expectation: the PII Scan check should report TWO steps:

  1. existing gitleaks/gitleaks-action@v2 (diffs)
  2. new Scan commit messages for PII

Both must succeed (this PR's commit message is clean).

Will close + delete the branch once CI confirms behavior — DO NOT MERGE.

@fitz123
Copy link
Copy Markdown
Owner Author

fitz123 commented May 18, 2026

Validation complete: the new commit-message scan step ran and reported 'no leaks found' on the clean test message. The CI failure is from gitleaks-action@v2 (diff scan) catching a false positive on '@gitleaks' from the temporary 'uses: ...@gitleaks-scan-commit-messages' pin in this branch — pre-existing telegram-handles rule, not from this PR's new code. Real merged state (@main) won't trigger it.

@fitz123 fitz123 closed this May 18, 2026
@fitz123 fitz123 deleted the ci-test-twopass-gitleaks branch May 18, 2026 10:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Awaiting requested review from Copilot Copilot will automatically review once the pull request is marked ready for review

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@fitz123