Skip to content

Value of argument "first-parent" causing error [fatal: ambiguous argument] #199

New issue
New issue
Open
Open
Value of argument "first-parent" causing error [fatal: ambiguous argument]#199
@t217145

Description

@t217145
t217145
opened on Oct 21, 2025

When execute gitleaks in GitHub Actions pipeline triggered by Pull Request in main / master branch, there will be an argument "first-parent" with a long hash / string.

gitleaks detect --redact -v --exit-code=2 --report-format=sarif --report-path=results.sarif --log-level=debug --log-opts=--no-merges --first-parent 285152a60a0fc48c328c090a59e73dee6732386c^..e03be20820e328exxxxxxxxf2cbfc

This argument does not exist when push to non master / main branch, or just push code to any branch. It only exists when merge to main / master. But it will fail with following reason

ERR [git] fatal: ambiguous argument '285152a60a0fc48c328c090a59e73dee6732386c^..e03be20820e328exxxxxxxxf2cbfc': unknown revision or path not in the working tree.

May I ask how this can be resolved.

Thank you.

Here are the log:

`Sent 2682970 of 2682970 (100.0%), 22.2 MBs/sec
event type: pull_request
gitleaks cmd: gitleaks detect --redact -v --exit-code=2 --report-format=sarif --report-path=results.sarif --log-level=debug --log-opts=--no-merges --first-parent 285152a60a0fc48c328c090a59e73dee6732386c^..e03be20820e328exxxxxxxxf2cbfc
/tmp/gitleaks-8.16.1/gitleaks detect --redact -v --exit-code=2 --report-format=sarif --report-path=results.sarif --log-level=debug --log-opts=--no-merges --first-parent 285152a60a0fc48c328c090a59e73dee6732386c^..e03be20820e328exxxxxxxxf2cbfc

○
│╲
│ ○
○ ░
░    gitleaks

6:51AM DBG using gitleaks config from GITLEAKS_CONFIG env var: ./gitleaks.toml
6:51AM DBG executing: /usr/bin/git -C . log -p -U0 --no-merges --first-parent 285152a60a0fc48c328c090a59e73dee6732386c^..e03be20820e328exxxxxxxxf2cbfc
6:51AM ERR [git] fatal: ambiguous argument '285152a60a0fc48c328c090a59e73dee6732386c^..e03be20820e328exxxxxxxxf2cbfc': unknown revision or path not in the working tree.
6:51AM ERR [git] Use '--' to separate paths from revisions, like this:
6:51AM ERR [git] 'git [...] -- [...]'
6:51AM INF 0 commits scanned.
6:51AM DBG Note: this number might be smaller than expected due to commits with no additions
6:51AM ERR error="git error encountered, see logs"
6:51AM WRN partial scan completed in 63.9ms
6:51AM WRN no leaks found in partial scan`

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions