From 4984a0ff83e76b65e3788115e0aa534b7c0413e0 Mon Sep 17 00:00:00 2001 From: nikhil achale Date: Sat, 23 May 2026 11:59:37 +0530 Subject: [PATCH] ci: limit gitleaks checkout depth (#2001) --- .github/workflows/security.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 5f8cf574d..89defba5d 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -22,7 +22,10 @@ jobs: - name: Checkout code uses: actions/checkout@v4 with: - fetch-depth: 0 # Full history to ensure base/head SHAs are available for PR scans + # Avoid fetching every branch/tag on PRs; the scan step fetches the + # exact base/head SHAs it needs. Non-PR scans only inspect recent + # history, so a shallow checkout is enough there too. + fetch-depth: 10 - name: Install Gitleaks run: |