Skip to content

fix: robust changed file detection for PRs/MRs in GitHub, GitLab, and… #106

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Jul 29, 2025
Merged

fix: robust changed file detection for PRs/MRs in GitHub, GitLab, and… #106

merged 5 commits into from
Jul 29, 2025

Conversation

@dacoburn
Copy link
Collaborator

@dacoburn dacoburn commented Jul 29, 2025

Fixes an issue where manifest and other file changes in pull/merge requests were not detected in CI environments (GitHub Actions, GitLab CI, Bitbucket Pipelines), causing the CLI to miss important file changes in PR/MR workflows.

Root Cause

The previous implementation only used git show on a single commit (often a merge commit in CI), which does not list all files changed in a PR/MR. This resulted in missing file changes, especially for manifest files, when running in CI environments for pull/merge requests.

Fix

The detection logic now checks for PR/MR context in GitHub, GitLab, and Bitbucket using their respective environment variables. It uses git diff with the correct base and head refs to get the full list of changed files in a PR/MR. If not in a PR/MR context, it falls back to the original git show logic for single commits.

Public Changelog

N/A

@dacoburn
fix: robust changed file detection for PRs/MRs in GitHub, GitLab, and…
f5da0a9 
… Bitbucket

- Use git diff with appropriate refs and environment variables to detect changed files in pull/merge requests across GitHub Actions, GitLab CI, and Bitbucket Pipelines.
- Fallback to git show for single commit detection.
- Ensures manifest and other file changes are correctly picked up in all major
@dacoburn dacoburn requested a review from a team as a code owner July 29, 2025 02:27
@dacoburn dacoburn requested review from Raynos and bmeck and removed request for a team July 29, 2025 02:27
@github-actions
Copy link

github-actions bot commented Jul 29, 2025
edited
Loading

🚀 Preview package published!

Install with:

pip install --index-url https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple socketsecurity==2.1.33.dev1

Docker image: socketdev/cli:pr-106

@dacoburn dacoburn merged commit 0546fab into main Jul 29, 2025
6 checks passed
@dacoburn dacoburn deleted the doug/fix-github-commit-change branch July 29, 2025 04:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@reberhardt7 reberhardt7 reberhardt7 approved these changes

@bmeck bmeck Awaiting requested review from bmeck bmeck is a code owner automatically assigned from SocketDev/eng

@Raynos Raynos Awaiting requested review from Raynos Raynos is a code owner automatically assigned from SocketDev/eng

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@dacoburn @reberhardt7