You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I spent a bit of time digging around in the entrails of the go-git code, and it doesn't look like remote reference listing code currently supports peeled tags, based on my understanding of things (go-git/go-git#749). I'll wait a few days to see if I get a response, and then I might need to do something icky like shelling out to git ls-remote instead :-(
Utilise the newly implemented (but not yet released) functionality from
go-git/go-git#750 to favour the unpeeled tag's
commit hash for repositories with annotated tags.
Fixes: #1209
Looking at
osv.dev/vulnfeeds/git/repository_test.go
Line 78 in bf67aaf
and e.g.
It looks like we're not actually resolving the right commits
for e.g. "v0.18.1", the commit is not "5ee3529c3014b4238231885b1403faa3e1affb5c".
"5ee3529c3014b4238231885b1403faa3e1affb5c" is instead the SHA1 id of the tag itself. We need instead the dereferenced commit SHA from this.
e.g. if I do
That will give:
We can also get this commit SHA from
git ls-remote https://github.com/aide/aide
:By picking the hash with the "^{}" after the "refs/tags/*".
The text was updated successfully, but these errors were encountered: