From 4b103e547f03507e2a88fc08ea68ec8c3985ec0d Mon Sep 17 00:00:00 2001
From: Riccardo Boero <ribo@nilu.no>
Date: Fri, 13 Dec 2024 14:10:38 +0100
Subject: [PATCH] fix cicd vulnerability

---
 .gitlab-ci.yml | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index e9a747f..ea6e258 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -63,15 +63,19 @@ register package:
         );
       '
 
-    # Remove credentials from Package.toml files
+    # Sanitize the Package.toml files after registration
     - find /tmp/registry -name 'Package.toml' -exec sed -i 's|https://.*@|https://|g' {} \;
 
-    # Stage and commit sanitized changes
+    # Check for changes and commit sanitized updates if any
     - |
       cd /tmp/registry
-      git add .
-      git commit -m "Sanitize Package.toml: Remove secrets from repo field"
-    
+      if ! git diff --quiet; then
+          git add .
+          git commit -m "Sanitize Package.toml: Remove secrets from repo field"
+      else
+          echo "No changes detected, skipping commit."
+      fi
+
     # Push changes to the registry
     - |
       cd /tmp/registry
-- 
GitLab