Skip to content

CCM-18514: Gitleaks Config Improvements WSL Fixes#228

Merged
jamesthompson26-nhs merged 1 commit into
mainfrom
feature/CCM-18514_Gitleaks_Config_Improvements_WSL_Fix_v2
Jul 10, 2026
Merged

CCM-18514: Gitleaks Config Improvements WSL Fixes#228
jamesthompson26-nhs merged 1 commit into
mainfrom
feature/CCM-18514_Gitleaks_Config_Improvements_WSL_Fix_v2

Conversation

@jamesthompson26-nhs

Copy link
Copy Markdown
Contributor

Summary

This PR fixes scan-secrets so it works reliably for WSL users in interactive pre-commit runs.

What changed

  • Added cross-platform script handling in .github/actions/scan-secrets/scan-secrets.sh:
    • uses GNU-style script -c ... when supported (WSL/Linux)
    • falls back to BSD-style script logfile command ... on macOS
  • Added -e to script invocations so the child command (gitleaks) exit code is propagated.
    • this ensures secret findings correctly fail the hook instead of being masked by script exit behaviour

Why

  • WSL users were hitting GNU/BSD script CLI differences, causing the hook wrapper to fail or miss proper failure propagation in interactive mode.

Impact

  • Local secret scanning is now consistent across macOS and WSL/Linux.
  • GitHub Actions behaviour remains unchanged (CI path does not rely on interactive script wrapping).

Type of changes

  • Refactoring (non-breaking change)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would change existing functionality)
  • Bug fix (non-breaking change which fixes an issue)

Checklist

  • I am familiar with the contributing guidelines
  • I have followed the code style of the project
  • I have added tests to cover my changes
  • I have updated the documentation accordingly
  • This PR is a result of pair or mob programming

Sensitive Information Declaration

To ensure the utmost confidentiality and protect your and others privacy, we kindly ask you to NOT including PII (Personal Identifiable Information) / PID (Personal Identifiable Data) or any other sensitive data in this PR (Pull Request) and the codebase changes. We will remove any PR that do contain any sensitive information. We really appreciate your cooperation in this matter.

  • I confirm that neither PII/PID nor sensitive data are included in this PR and the codebase changes.

@jamesthompson26-nhs jamesthompson26-nhs requested a review from a team as a code owner July 10, 2026 11:00
@jamesthompson26-nhs jamesthompson26-nhs merged commit bd78a7c into main Jul 10, 2026
47 checks passed
@jamesthompson26-nhs jamesthompson26-nhs deleted the feature/CCM-18514_Gitleaks_Config_Improvements_WSL_Fix_v2 branch July 10, 2026 11:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants