fleet/cmd/osv-processor
Tim Lee 81ea7436c3
Fix OSV sync shallow clone failing on quiet weekends (#43450)
## Summary

The nightly OSV artifact generation in `fleetdm/vulnerabilities` failed
over the weekend with:

```
fatal: error processing shallow info: 4
```

at `cmd/osv-processor/sync-and-detect-changes.sh` during:

```bash
git fetch --shallow-since="3 days ago" origin main
```

Root cause: `git fetch --shallow-since` errors out when the upstream
(`canonical/ubuntu-security-notices`) has zero commits newer than the
cutoff. Canonical didn't push anything over the weekend, so the 3-day
window returned empty and upload-pack produced an unusable shallow
response.

Fix:
- Fall back to `git fetch --depth=3` if `--shallow-since` still returns
empty, so the initial clone always succeeds.

Subsequent runs reuse the existing clone and take the other branch of
the script (plain `git fetch origin main`), which doesn't have this
failure mode.

Failing run:
https://github.com/fleetdm/vulnerabilities/actions/runs/24330589309/job/71035337352

## Test plan

- [x] Re-run the Ubuntu OSV artifact generation workflow; initial clone
succeeds regardless of upstream push frequency.
- [x] Manually exercise the cold-cache path locally:
  `rm -rf ubuntu-security-notices && ./cmd/osv-processor/sync-and-detect-changes.sh` — completes without
  error.

## Summary by CodeRabbit

* **Bug Fixes**
  * Improved initial repository sync: if the primary shallow fetch returns
    no commits, the process now falls back to a limited-depth fetch, warns
    the user, and shows recent commit history before continuing. Downstream
    change detection and existing behavior for already-cloned repos remain
    unchanged.

---------

Co-authored-by: Konstantin Sykulev <konst@sykulev.com>
2026-04-20 10:30:55 -05:00
| File | Last commit | Date |
| --- | --- | --- |
| main.go | Use OSV for ubuntu vulnerability scanning (#42063) | 2026-04-03 15:59:32 -05:00 |
| main_test.go | Use OSV for ubuntu vulnerability scanning (#42063) | 2026-04-03 15:59:32 -05:00 |
| sync-and-detect-changes.sh | Fix OSV sync shallow clone failing on quiet weekends (#43450) | 2026-04-20 10:30:55 -05:00 |
| transforms.go | OSV artifact generation for use in vulnerabilities repository (#42203) | 2026-03-25 13:02:26 -05:00 |
| transforms_test.go | OSV artifact generation for use in vulnerabilities repository (#42203) | 2026-03-25 13:02:26 -05:00 |