Update secret-detection git log command
What does this MR do and why?
When doing some investigation for #349063 (closed) we discovered that the range of commits generated by git log
in the secret_detection
job has the potential to be wrong, and in some cases, time out the job.
This MR changes the ...
operation to ..
. If we take main...feature
as the example, the current ...
syntax means "give us commits that are reachable from feature
or main
but not both". This means we could be including commits that are not associated with the MR when scanning for secrets. Using main..feature
limits us to commits that are just in feature
.
More reading:
Screenshots or screen recordings
These are strongly recommended to assist reviewers and reduce the time to merge your change.
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.