fix: gitleaks CI bug

obycode · obycode · commit b1bd39711e88 · 2026-03-04T16:48:38.000-05:00
diff --git a/.github/workflows/secret-scan.yml b/.github/workflows/secret-scan.yml
@@ -16,9 +16,13 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
         with:
-          fetch-depth: 1
+          # Gitleaks scans git commit ranges on PRs/pushes; shallow clones can
+          # miss the base commit and cause "unknown revision" failures.
+          fetch-depth: 0
 
       - name: Run gitleaks
         uses: gitleaks/gitleaks-action@v2
         with:
-          args: detect --source . --no-git --config .gitleaks.toml --redact
+          # Let the action run its default git-range scan and only pass
+          # scanner options.
+          args: --config .gitleaks.toml --redact
