Closed praveenkumarpk closed 5 months ago
Also seeing this when my workflow calls gitleaks on github actions
on: [workflow_call]
name: Scan repo for secrets
jobs:
gitleaks:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 50
- uses: gitleaks/gitleaks-action@v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE}}
Output:
5:19PM INF 2 commits scanned.
5:19PM DBG Note: this number might be smaller than expected due to commits with no additions
5:19PM INF scan completed in 61.8ms
5:19PM INF no leaks found
/home/runner/work/_actions/gitleaks/gitleaks-action/v2/dist/index.js:1[28](https://github.com/aurorasolar/zarya/actions/runs/9290350749/job/25566563759#step:3:28)395
const artifactClient = artifact.create();
^
TypeError: artifact.create is not a function
at Object.Scan (/home/runner/work/_actions/gitleaks/gitleaks-action/v2/dist/index.js:128395:35)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async start (/home/runner/work/_actions/gitleaks/gitleaks-action/v2/dist/index.js:139588:16)
Node.js v20.8.1
Suspect this is related to https://github.com/gitleaks/gitleaks-action/pull/153 which was merged 30 minutes ago, and updated a reference to artifact.
+1 I got this same error in my actions after the mentioned PR was merged.
+1
+1 pls fix 😢
Same here!!! On all repositories..
If it helps, here's the deprecation notice that shows up on successful runs before the action started breaking an hour ago.
I think this is because #153 bumped the dependency without changing how its used. I'd recommend reverting.
+1
+1, same issue in my workflows
+1
Workaround:
In your workflow file, use the last working version instead of the latest v2 release by specifying gitleaks/gitleaks-action@v2.3.4
instead of gitleaks/gitleaks-action@v2
:
jobs:
scan:
name: gitleaks
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: gitleaks/gitleaks-action@v2.3.4
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE}}
Opened pull request that should fix this issue
Huge thanks to @codykhon for the quick fix. Let me know if it's still broken
gitleaks-action/v2/dist/index.js:128395 const artifactClient = artifact.create(); ^
TypeError: artifact.create is not a function
Gitleaks/gitleaks-action@v2 gitleaks version: 8.16.1