21

[itsarraj0test]

AppSec Wiki Pull Request

Change Description:

Changes Made:

Reason for Change:

Checklist:

• I have tested the changes locally
• Is Code changes ready for review
• I have proofread the changes to ensure accuracy
• I have tested any links or references within the wiki page
• I have checked for consistency with other existing pages (if applicable)
• I have updated any relevant cross-references or documentation

[github-actions]

Hey @itsarraj0test 👋, Thanks for contributing the new Pull Request !!

Secrets Bot

🔎 Detected hardcoded secrets in your pull request

🛠 Guidelines to remediate hardcoded secrets

1. Understand the implications of revoking this secret by investigating where it is used in your code.
2. Replace and store your secrets safely. Learn here the best practices.
3. Revoke and rotate these secrets.
4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

• following these best practices for managing and storing secrets including API keys and other credentials

SCA Bot

All good in the hood no vulnerable package found in raised Pull-Request. Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

[github-actions]

Hey @itsarraj0test 👋, Thanks for contributing the new Pull Request !!

Secrets Bot

2024-10-08T07:17:08.6792508Z Current runner version: '2.320.0'
2024-10-08T07:17:08.6816519Z ##[group]Operating System
2024-10-08T07:17:08.6817279Z Ubuntu
2024-10-08T07:17:08.6817631Z 22.04.5
2024-10-08T07:17:08.6817928Z LTS
2024-10-08T07:17:08.6818335Z ##[endgroup]
2024-10-08T07:17:08.6818903Z ##[group]Runner Image
2024-10-08T07:17:08.6819313Z Image: ubuntu-22.04
2024-10-08T07:17:08.6819787Z Version: 20240922.1.0
2024-10-08T07:17:08.6820768Z Included Software: https://github.com/actions/runner-images/blob/ubuntu22/20240922.1/images/ubuntu/Ubuntu2204-Readme.md
2024-10-08T07:17:08.6822228Z Image Release: https://github.com/actions/runner-images/releases/tag/ubuntu22%2F20240922.1
2024-10-08T07:17:08.6823100Z ##[endgroup]
2024-10-08T07:17:08.6823493Z ##[group]Runner Image Provisioner
2024-10-08T07:17:08.6823989Z 2.0.384.1
2024-10-08T07:17:08.6824343Z ##[endgroup]
2024-10-08T07:17:08.6838726Z ##[group]GITHUB_TOKEN Permissions
2024-10-08T07:17:08.6840415Z Issues: write
2024-10-08T07:17:08.6840857Z Metadata: read
2024-10-08T07:17:08.6841492Z PullRequests: write
2024-10-08T07:17:08.6841986Z ##[endgroup]
2024-10-08T07:17:08.6844922Z Secret source: Actions
2024-10-08T07:17:08.6845538Z Prepare workflow directory
2024-10-08T07:17:08.7482792Z Prepare all required actions
2024-10-08T07:17:08.7639759Z Getting action download info
2024-10-08T07:17:08.9935878Z Download action repository 'actions/checkout@v3' (SHA:f43a0e5ff2bd294095638e18286ca9a3d1956744)
2024-10-08T07:17:09.1147668Z Download action repository 'trufflesecurity/TruffleHog-Enterprise-Github-Action@main' (SHA:896eb9c43cebe80ae73e5aa5948595121ac7229c)
2024-10-08T07:17:09.4422019Z Complete job name: TruffleHog Bot scan
2024-10-08T07:17:09.5045056Z ##[group]Build container for action use: '/home/runner/work/_actions/trufflesecurity/TruffleHog-Enterprise-Github-Action/main/Dockerfile'.
2024-10-08T07:17:09.5101971Z ##[command]/usr/bin/docker build -t 5d845e:166a73cd1a2f49fdbf2c3ab38717d328 -f "/home/runner/work/_actions/trufflesecurity/TruffleHog-Enterprise-Github-Action/main/Dockerfile" "/home/runner/work/_actions/trufflesecurity/TruffleHog-Enterprise-Github-Action/main"
2024-10-08T07:17:10.0144406Z #0 building with "default" instance using docker driver
2024-10-08T07:17:10.0145244Z
2024-10-08T07:17:10.0145518Z #1 [internal] load build definition from Dockerfile
2024-10-08T07:17:10.0146222Z #1 transferring dockerfile: 153B done
2024-10-08T07:17:10.0146759Z #1 DONE 0.0s
2024-10-08T07:17:10.0147075Z
2024-10-08T07:17:10.0147589Z #2 [internal] load metadata for us-docker.pkg.dev/thog-artifacts/public/scanner:latest
2024-10-08T07:17:10.7686563Z #2 DONE 0.9s
2024-10-08T07:17:10.8839147Z
2024-10-08T07:17:10.8839723Z #3 [internal] load .dockerignore
2024-10-08T07:17:10.8840572Z #3 transferring context: 2B done
2024-10-08T07:17:10.8841154Z #3 DONE 0.0s
2024-10-08T07:17:10.8841390Z
2024-10-08T07:17:10.8841627Z #4 [internal] load build context
2024-10-08T07:17:10.8842208Z #4 transferring context: 112B done
2024-10-08T07:17:10.8842727Z #4 DONE 0.0s
2024-10-08T07:17:10.8842934Z
2024-10-08T07:17:10.8843730Z #5 [1/2] FROM us-docker.pkg.dev/thog-artifacts/public/scanner:latest@sha256:3ddf1817b36313e28549c98fae955474c963929488c2762a3e17d8cd9ad7f7d1
2024-10-08T07:17:10.8845506Z #5 resolve us-docker.pkg.dev/thog-artifacts/public/scanner:latest@sha256:3ddf1817b36313e28549c98fae955474c963929488c2762a3e17d8cd9ad7f7d1 done
2024-10-08T07:17:10.8846621Z #5 sha256:168a6eafcab8a6ddbd4c7ffa6d817c1b68663a5288cc3e5b96e7a342759a067c 0B / 70.83MB 0.1s
2024-10-08T07:17:10.8847486Z #5 sha256:3ddf1817b36313e28549c98fae955474c963929488c2762a3e17d8cd9ad7f7d1 743B / 743B done
2024-10-08T07:17:10.8848437Z #5 sha256:6d9d40a1eb71b3a08e69ca6dff5dc75a671389eacefdb46fe572b48990c1777f 1.16kB / 1.16kB done
2024-10-08T07:17:10.8849814Z #5 sha256:73e5984d21eba9ed309a98a73bea0f5005954f47397b7ebf5ee5fdfe62c1b2b3 1.84kB / 1.84kB done
2024-10-08T07:17:10.8851083Z #5 sha256:32b772fa507186eddade1aa8a0f01f5ceacba1fa94a5bb968eb355ac417baca3 0B / 3.63MB 0.1s
2024-10-08T07:17:10.8852109Z #5 sha256:21ecfc38e68b3aeecee7c524fa165b63cf445f093e3c2197f8099ece79d61f2d 0B / 10.43MB 0.1s
2024-10-08T07:17:10.9844037Z #5 sha256:32b772fa507186eddade1aa8a0f01f5ceacba1fa94a5bb968eb355ac417baca3 3.63MB / 3.63MB 0.2s
2024-10-08T07:17:11.1867339Z #5 sha256:168a6eafcab8a6ddbd4c7ffa6d817c1b68663a5288cc3e5b96e7a342759a067c 26.21MB / 70.83MB 0.4s
2024-10-08T07:17:11.1869682Z #5 sha256:32b772fa507186eddade1aa8a0f01f5ceacba1fa94a5bb968eb355ac417baca3 3.63MB / 3.63MB 0.2s done
2024-10-08T07:17:11.1871310Z #5 sha256:21ecfc38e68b3aeecee7c524fa165b63cf445f093e3c2197f8099ece79d61f2d 10.43MB / 10.43MB 0.4s
2024-10-08T07:17:11.1872905Z #5 extracting sha256:32b772fa507186eddade1aa8a0f01f5ceacba1fa94a5bb968eb355ac417baca3 0.1s done
2024-10-08T07:17:11.1874324Z #5 sha256:0beab322d5169c30c34fd495071b4ecda5d29e324dfc70a397df0b13fcce9b61 184B / 184B 0.4s
2024-10-08T07:17:11.2916590Z #5 sha256:168a6eafcab8a6ddbd4c7ffa6d817c1b68663a5288cc3e5b96e7a342759a067c 50.33MB / 70.83MB 0.5s
2024-10-08T07:17:11.2918465Z #5 sha256:21ecfc38e68b3aeecee7c524fa165b63cf445f093e3c2197f8099ece79d61f2d 10.43MB / 10.43MB 0.4s done
2024-10-08T07:17:11.2920551Z #5 sha256:0beab322d5169c30c34fd495071b4ecda5d29e324dfc70a397df0b13fcce9b61 184B / 184B 0.4s done
2024-10-08T07:17:11.2922139Z #5 extracting sha256:21ecfc38e68b3aeecee7c524fa165b63cf445f093e3c2197f8099ece79d61f2d 0.1s
2024-10-08T07:17:11.3929077Z #5 sha256:168a6eafcab8a6ddbd4c7ffa6d817c1b68663a5288cc3e5b96e7a342759a067c 70.83MB / 70.83MB 0.6s
2024-10-08T07:17:11.5730330Z #5 sha256:168a6eafcab8a6ddbd4c7ffa6d817c1b68663a5288cc3e5b96e7a342759a067c 70.83MB / 70.83MB 0.7s done
2024-10-08T07:17:11.5732985Z #5 extracting sha256:21ecfc38e68b3aeecee7c524fa165b63cf445f093e3c2197f8099ece79d61f2d 0.2s done
2024-10-08T07:17:11.5734577Z #5 extracting sha256:168a6eafcab8a6ddbd4c7ffa6d817c1b68663a5288cc3e5b96e7a342759a067c
2024-10-08T07:17:11.9971604Z #5 extracting sha256:168a6eafcab8a6ddbd4c7ffa6d817c1b68663a5288cc3e5b96e7a342759a067c 0.3s done
2024-10-08T07:17:11.9973014Z #5 extracting sha256:0beab322d5169c30c34fd495071b4ecda5d29e324dfc70a397df0b13fcce9b61
2024-10-08T07:17:12.1910720Z #5 extracting sha256:0beab322d5169c30c34fd495071b4ecda5d29e324dfc70a397df0b13fcce9b61 done
2024-10-08T07:17:12.1911451Z #5 DONE 1.3s
2024-10-08T07:17:12.1911634Z
2024-10-08T07:17:12.1911891Z #6 [2/2] COPY entrypoint.sh /entrypoint.sh
2024-10-08T07:17:12.1912461Z #6 DONE 0.0s
2024-10-08T07:17:12.1912638Z
2024-10-08T07:17:12.1912764Z #7 exporting to image
2024-10-08T07:17:12.1913139Z #7 exporting layers
2024-10-08T07:17:13.0057577Z #7 exporting layers 1.0s done
2024-10-08T07:17:13.0317729Z #7 writing image sha256:793fa8133facf7caff23bc2736f612254874174757cb6a1cceb31222c32dd77c done
2024-10-08T07:17:13.0319623Z #7 naming to docker.io/library/5d845e:166a73cd1a2f49fdbf2c3ab38717d328 done
2024-10-08T07:17:13.0320815Z #7 DONE 1.0s
2024-10-08T07:17:13.0393649Z ##[endgroup]
2024-10-08T07:17:13.0796243Z ##[group]Run actions/checkout@v3
2024-10-08T07:17:13.0796813Z with:
2024-10-08T07:17:13.0797121Z fetch-depth: 0
2024-10-08T07:17:13.0797489Z repository: itsarraj/PRBotCheck
2024-10-08T07:17:13.0798181Z token: ***
2024-10-08T07:17:13.0798510Z ssh-strict: true
2024-10-08T07:17:13.0799099Z persist-credentials: true
2024-10-08T07:17:13.0799563Z clean: true
2024-10-08T07:17:13.0799873Z sparse-checkout-cone-mode: true
2024-10-08T07:17:13.0800269Z fetch-tags: false
2024-10-08T07:17:13.0800673Z lfs: false
2024-10-08T07:17:13.0800961Z submodules: false
2024-10-08T07:17:13.0801307Z set-safe-directory: true
2024-10-08T07:17:13.0801743Z ##[endgroup]
2024-10-08T07:17:13.2720589Z Syncing repository: itsarraj/PRBotCheck
2024-10-08T07:17:13.2722330Z ##[group]Getting Git version info
2024-10-08T07:17:13.2723177Z Working directory is '/home/runner/work/PRBotCheck/PRBotCheck'
2024-10-08T07:17:13.2724085Z [command]/usr/bin/git version
2024-10-08T07:17:13.2724641Z git version 2.46.1
2024-10-08T07:17:13.2726050Z ##[endgroup]
2024-10-08T07:17:13.2737815Z Temporarily overriding HOME='/home/runner/work/_temp/ad6f8427-b240-42f3-9c51-fdf27aee0fb6' before making global git config changes
2024-10-08T07:17:13.2739215Z Adding repository directory to the temporary git global config as a safe directory
2024-10-08T07:17:13.2740589Z [command]/usr/bin/git config --global --add safe.directory /home/runner/work/PRBotCheck/PRBotCheck
2024-10-08T07:17:13.2742631Z Deleting the contents of '/home/runner/work/PRBotCheck/PRBotCheck'
2024-10-08T07:17:13.2745469Z ##[group]Initializing the repository
2024-10-08T07:17:13.2748245Z [command]/usr/bin/git init /home/runner/work/PRBotCheck/PRBotCheck
2024-10-08T07:17:13.2824474Z hint: Using 'master' as the name for the initial branch. This default branch name
2024-10-08T07:17:13.2825493Z hint: is subject to change. To configure the initial branch name to use in all
2024-10-08T07:17:13.2826489Z hint: of your new repositories, which will suppress this warning, call:
2024-10-08T07:17:13.2827030Z hint:
2024-10-08T07:17:13.2827494Z hint: git config --global init.defaultBranch
2024-10-08T07:17:13.2828047Z hint:
2024-10-08T07:17:13.2828557Z hint: Names commonly chosen instead of 'master' are 'main', 'trunk' and
2024-10-08T07:17:13.2830077Z hint: 'development'. The just-created branch can be renamed via this command:
2024-10-08T07:17:13.2830750Z hint:
2024-10-08T07:17:13.2831070Z hint: git branch -m
2024-10-08T07:17:13.2831685Z Initialized empty Git repository in /home/runner/work/PRBotCheck/PRBotCheck/.git/
2024-10-08T07:17:13.2838057Z [command]/usr/bin/git remote add origin https://github.com/itsarraj/PRBotCheck
2024-10-08T07:17:13.2867135Z ##[endgroup]
2024-10-08T07:17:13.2867769Z ##[group]Disabling automatic garbage collection
2024-10-08T07:17:13.2870036Z [command]/usr/bin/git config --local gc.auto 0
2024-10-08T07:17:13.2896117Z ##[endgroup]
2024-10-08T07:17:13.2896725Z ##[group]Setting up auth
2024-10-08T07:17:13.2901204Z [command]/usr/bin/git config --local --name-only --get-regexp core.sshCommand
2024-10-08T07:17:13.2926644Z [command]/usr/bin/git submodule foreach --recursive sh -c "git config --local --name-only --get-regexp 'core.sshCommand' && git config --local --unset-all 'core.sshCommand' || :"
2024-10-08T07:17:13.3247404Z [command]/usr/bin/git config --local --name-only --get-regexp http.https://github.com/.extraheader
2024-10-08T07:17:13.3272572Z [command]/usr/bin/git submodule foreach --recursive sh -c "git config --local --name-only --get-regexp 'http.https://github.com/.extraheader' && git config --local --unset-all 'http.https://github.com/.extraheader' || :"
2024-10-08T07:17:13.3491901Z [command]/usr/bin/git config --local http.https://github.com/.extraheader AUTHORIZATION: basic ***
2024-10-08T07:17:13.3524464Z ##[endgroup]
2024-10-08T07:17:13.3525237Z ##[group]Fetching the repository
2024-10-08T07:17:13.3534525Z [command]/usr/bin/git -c protocol.version=2 fetch --prune --progress --no-recurse-submodules origin +refs/heads/:refs/remotes/origin/ +refs/tags/:refs/tags/
2024-10-08T07:17:13.5781700Z remote: Enumerating objects: 32, done.
2024-10-08T07:17:13.5782755Z remote: Counting objects: 3% (1/32)
2024-10-08T07:17:13.5783427Z remote: Counting objects: 6% (2/32)
2024-10-08T07:17:13.5784366Z remote: Counting objects: 9% (3/32)
2024-10-08T07:17:13.5785082Z remote: Counting objects: 12% (4/32)
2024-10-08T07:17:13.5785848Z remote: Counting objects: 15% (5/32)
2024-10-08T07:17:13.5786762Z remote: Counting objects: 18% (6/32)
2024-10-08T07:17:13.5787599Z remote: Counting objects: 21% (7/32)
2024-10-08T07:17:13.5788444Z remote: Counting objects: 25% (8/32)
2024-10-08T07:17:13.5789586Z remote: Counting objects: 28% (9/32)
2024-10-08T07:17:13.5790391Z remote: Counting objects: 31% (10/32)
2024-10-08T07:17:13.5791209Z remote: Counting objects: 34% (11/32)
2024-10-08T07:17:13.5792075Z remote: Counting objects: 37% (12/32)
2024-10-08T07:17:13.5792863Z remote: Counting objects: 40% (13/32)
2024-10-08T07:17:13.5793584Z remote: Counting objects: 43% (14/32)
2024-10-08T07:17:13.5794378Z remote: Counting objects: 46% (15/32)
2024-10-08T07:17:13.5795436Z remote: Counting objects: 50% (16/32)
2024-10-08T07:17:13.5796267Z remote: Counting objects: 53% (17/32)
2024-10-08T07:17:13.5797103Z remote: Counting objects: 56% (18/32)
2024-10-08T07:17:13.5798097Z remote: Counting objects: 59% (19/32)
2024-10-08T07:17:13.5799100Z remote: Counting objects: 62% (20/32)
2024-10-08T07:17:13.5800039Z remote: Counting objects: 65% (21/32)
2024-10-08T07:17:13.5800929Z remote: Counting objects: 68% (22/32)
2024-10-08T07:17:13.5801667Z remote: Counting objects: 71% (23/32)
2024-10-08T07:17:13.5802434Z remote: Counting objects: 75% (24/32)
2024-10-08T07:17:13.5803372Z remote: Counting objects: 78% (25/32)
2024-10-08T07:17:13.5804154Z remote: Counting objects: 81% (26/32)
2024-10-08T07:17:13.5805015Z remote: Counting objects: 84% (27/32)
2024-10-08T07:17:13.5805840Z remote: Counting objects: 87% (28/32)
2024-10-08T07:17:13.5806514Z remote: Counting objects: 90% (29/32)
2024-10-08T07:17:13.5807293Z remote: Counting objects: 93% (30/32)
2024-10-08T07:17:13.5808087Z remote: Counting objects: 96% (31/32)
2024-10-08T07:17:13.5809207Z remote: Counting objects: 100% (32/32)
2024-10-08T07:17:13.5810126Z remote: Counting objects: 100% (32/32), done.
2024-10-08T07:17:13.5810963Z remote: Compressing objects: 4% (1/22)
2024-10-08T07:17:13.5811672Z remote: Compressing objects: 9% (2/22)
2024-10-08T07:17:13.5812423Z remote: Compressing objects: 13% (3/22)
2024-10-08T07:17:13.5813204Z remote: Compressing objects: 18% (4/22)
2024-10-08T07:17:13.5813969Z remote: Compressing objects: 22% (5/22)
2024-10-08T07:17:13.5814758Z remote: Compressing objects: 27% (6/22)
2024-10-08T07:17:13.5815568Z remote: Compressing objects: 31% (7/22)
2024-10-08T07:17:13.5816318Z remote: Compressing objects: 36% (8/22)
2024-10-08T07:17:13.5823242Z remote: Compressing objects: 40% (9/22)
2024-10-08T07:17:13.5824123Z remote: Compressing objects: 45% (10/22)
2024-10-08T07:17:13.5824941Z remote: Compressing objects: 50% (11/22)
2024-10-08T07:17:13.5825918Z remote: Compressing objects: 54% (12/22)
2024-10-08T07:17:13.5826801Z remote: Compressing objects: 59% (13/22)
2024-10-08T07:17:13.5827701Z remote: Compressing objects: 63% (14/22)
2024-10-08T07:17:13.5828892Z remote: Compressing objects: 68% (15/22)
2024-10-08T07:17:13.5829837Z remote: Compressing objects: 72% (16/22)
2024-10-08T07:17:13.5830748Z remote: Compressing objects: 77% (17/22)
2024-10-08T07:17:13.5831690Z remote: Compressing objects: 81% (18/22)
2024-10-08T07:17:13.5832800Z remote: Compressing objects: 86% (19/22)
2024-10-08T07:17:13.5833708Z remote: Compressing objects: 90% (20/22)
2024-10-08T07:17:13.5834666Z remote: Compressing objects: 95% (21/22)
2024-10-08T07:17:13.5835456Z remote: Compressing objects: 100% (22/22)
2024-10-08T07:17:13.5836388Z remote: Compressing objects: 100% (22/22), done.
2024-10-08T07:17:13.5838127Z remote: Total 32 (delta 12), reused 25 (delta 5), pack-reused 0 (from 0)
2024-10-08T07:17:13.5917174Z From https://github.com/itsarraj/PRBotCheck
2024-10-08T07:17:13.5918973Z * [new branch] master -> origin/master
2024-10-08T07:17:13.5956337Z [command]/usr/bin/git branch --list --remote origin/master
2024-10-08T07:17:13.5979640Z origin/master
2024-10-08T07:17:13.5990264Z [command]/usr/bin/git rev-parse refs/remotes/origin/master
2024-10-08T07:17:13.6013411Z 62868f4
2024-10-08T07:17:13.6022497Z ##[endgroup]
2024-10-08T07:17:13.6023772Z ##[group]Determining the checkout info
2024-10-08T07:17:13.6025017Z ##[endgroup]
2024-10-08T07:17:13.6026296Z ##[group]Checking out the ref
2024-10-08T07:17:13.6027960Z [command]/usr/bin/git checkout --progress --force -B master refs/remotes/origin/master
2024-10-08T07:17:13.6072765Z Reset branch 'master'
2024-10-08T07:17:13.6076559Z branch 'master' set up to track 'origin/master'.
2024-10-08T07:17:13.6083399Z ##[endgroup]
2024-10-08T07:17:13.6120205Z [command]/usr/bin/git log -1 --format='%H'
2024-10-08T07:17:13.6143196Z '62868f47b40a795a4d99b3e3ddec9e6e76e772f0'
2024-10-08T07:17:13.6447970Z ##[group]Run trufflesecurity/TruffleHog-Enterprise-Github-Action@main
2024-10-08T07:17:13.6448845Z with:
2024-10-08T07:17:13.6449239Z args: --fail-verified master HEAD --json
2024-10-08T07:17:13.6449647Z ##[endgroup]
2024-10-08T07:17:13.6668422Z ##[command]/usr/bin/docker run --name d845e166a73cd1a2f49fdbf2c3ab38717d328_db0635 --label 5d845e --workdir /github/workspace --rm -e "INPUT_ARGS" -e "HOME" -e "GITHUB_JOB" -e "GITHUB_REF" -e "GITHUB_SHA" -e "GITHUB_REPOSITORY" -e "GITHUB_REPOSITORY_OWNER" -e "GITHUB_REPOSITORY_OWNER_ID" -e "GITHUB_RUN_ID" -e "GITHUB_RUN_NUMBER" -e "GITHUB_RETENTION_DAYS" -e "GITHUB_RUN_ATTEMPT" -e "GITHUB_REPOSITORY_ID" -e "GITHUB_ACTOR_ID" -e "GITHUB_ACTOR" -e "GITHUB_TRIGGERING_ACTOR" -e "GITHUB_WORKFLOW" -e "GITHUB_HEAD_REF" -e "GITHUB_BASE_REF" -e "GITHUB_EVENT_NAME" -e "GITHUB_SERVER_URL" -e "GITHUB_API_URL" -e "GITHUB_GRAPHQL_URL" -e "GITHUB_REF_NAME" -e "GITHUB_REF_PROTECTED" -e "GITHUB_REF_TYPE" -e "GITHUB_WORKFLOW_REF" -e "GITHUB_WORKFLOW_SHA" -e "GITHUB_WORKSPACE" -e "GITHUB_ACTION" -e "GITHUB_EVENT_PATH" -e "GITHUB_ACTION_REPOSITORY" -e "GITHUB_ACTION_REF" -e "GITHUB_PATH" -e "GITHUB_ENV" -e "GITHUB_STEP_SUMMARY" -e "GITHUB_STATE" -e "GITHUB_OUTPUT" -e "RUNNER_OS" -e "RUNNER_ARCH" -e "RUNNER_NAME" -e "RUNNER_ENVIRONMENT" -e "RUNNER_TOOL_CACHE" -e "RUNNER_TEMP" -e "RUNNER_WORKSPACE" -e "ACTIONS_RUNTIME_URL" -e "ACTIONS_RUNTIME_TOKEN" -e "ACTIONS_CACHE_URL" -e "ACTIONS_RESULTS_URL" -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/PRBotCheck/PRBotCheck":"/github/workspace" 5d845e:166a73cd1a2f49fdbf2c3ab38717d328 "--fail-verified master HEAD --json"
2024-10-08T07:17:15.9373487Z {"level":"info-0","ts":"2024-10-08T07:17:15Z","logger":"thog/scanner","msg":"running trufflehog","pid":"NyK1B","version":"v1.90.20"}
2024-10-08T07:17:15.9374568Z
2024-10-08T07:17:15.9377815Z {"level":"info-0","ts":"2024-10-08T07:17:15Z","logger":"thog/scanner","msg":"log level set","pid":"NyK1B","version":"v1.90.20","level":0}
2024-10-08T07:17:15.9380200Z {"level":"info-0","ts":"2024-10-08T07:17:15Z","logger":"thog/scanner","msg":"resolved base reference","pid":"NyK1B","version":"v1.90.20","commit":"62868f47b40a795a4d99b3e3ddec9e6e76e772f0"}
2024-10-08T07:17:15.9382424Z {"level":"info-0","ts":"2024-10-08T07:17:15Z","logger":"thog/scanner","msg":"resolved head reference","pid":"NyK1B","version":"v1.90.20","commit":"62868f47b40a795a4d99b3e3ddec9e6e76e772f0"}
2024-10-08T07:17:15.9384904Z {"level":"info-0","ts":"2024-10-08T07:17:15Z","logger":"thog/scanner","msg":"resolved common merge base between references","pid":"NyK1B","version":"v1.90.20","commit":"62868f47b40a795a4d99b3e3ddec9e6e76e772f0"}
2024-10-08T07:17:15.9386726Z 🐷🔑🐷 TruffleHog. Unearth your secrets. 🐷🔑🐷
2024-10-08T07:17:15.9387310Z version: v1.90.20
2024-10-08T07:17:15.9387528Z
2024-10-08T07:17:15.9389084Z {"level":"info-0","ts":"2024-10-08T07:17:15Z","logger":"thog/scanner","msg":"scanning repo","pid":"NyK1B","version":"v1.90.20","repo":"https://github.com/itsarraj/PRBotCheck","base":"62868f47b40a795a4d99b3e3ddec9e6e76e772f0","head":"62868f47b40a795a4d99b3e3ddec9e6e76e772f0"}
2024-10-08T07:17:15.9430294Z {"level":"info-0","ts":"2024-10-08T07:17:15Z","logger":"thog/scanner","msg":"finished scanning commits","pid":"NyK1B","version":"v1.90.20","commits_scanned":0}
2024-10-08T07:17:15.9432088Z {"level":"info-0","ts":"2024-10-08T07:17:15Z","logger":"thog/scanner","msg":"no secrets found","pid":"NyK1B","version":"v1.90.20"}
2024-10-08T07:17:16.0413482Z Post job cleanup.
2024-10-08T07:17:16.1131960Z [command]/usr/bin/git version
2024-10-08T07:17:16.1166184Z git version 2.46.1
2024-10-08T07:17:16.1212884Z Temporarily overriding HOME='/home/runner/work/_temp/4045f328-ac9f-43bf-b291-8f6f389c0fcc' before making global git config changes
2024-10-08T07:17:16.1213982Z Adding repository directory to the temporary git global config as a safe directory
2024-10-08T07:17:16.1216600Z [command]/usr/bin/git config --global --add safe.directory /home/runner/work/PRBotCheck/PRBotCheck
2024-10-08T07:17:16.1246128Z [command]/usr/bin/git config --local --name-only --get-regexp core.sshCommand
2024-10-08T07:17:16.1273918Z [command]/usr/bin/git submodule foreach --recursive sh -c "git config --local --name-only --get-regexp 'core.sshCommand' && git config --local --unset-all 'core.sshCommand' || :"
2024-10-08T07:17:16.1505241Z [command]/usr/bin/git config --local --name-only --get-regexp http.https://github.com/.extraheader
2024-10-08T07:17:16.1524533Z http.https://github.com/.extraheader
2024-10-08T07:17:16.1535971Z [command]/usr/bin/git config --local --unset-all http.https://github.com/.extraheader
2024-10-08T07:17:16.1563770Z [command]/usr/bin/git submodule foreach --recursive sh -c "git config --local --name-only --get-regexp 'http.https://github.com/.extraheader' && git config --local --unset-all 'http.https://github.com/.extraheader' || :"
2024-10-08T07:17:16.1990092Z Cleaning up orphan processes

SCA Bot

All good in the hood no vulnerable package found in raised Pull-Request. Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.