I’m working on automating the scanning of commits for secrets using a package called gitleaks. Currently I’ve got a webhook listening for github push events. Once received I extract the head_commit.id from the payload and run a scan against that specific commit.
In some cases I receive a push event from github where the payload contains ‘null’ for the value of the head_commit.id field.
I believe this has something to do with pull requests but I cannot find any documentation that confirms my suspicion. Any insight I can get from the community on why I would get a ‘null’ value for the head_commit.id would be much appreciated. Thanks.