I’m adding a secrets scanner to my builds and want to to scan every commit that’s within the TRAVIS_COMMIT_RANGE so that I can scan every commit in the push inclusively.
I’ve found a way to do that when running my scanner, which uses git log options, using ${TRAVIS_COMMIT_RANGE/.../^..}. What’s less clear to me is whether it’s possible to be non-arbitrary in my clone depth without cloning all the things. I’d like to keep my builds as confined as possible for speed and…tidiness, but I haven’t been able to find a way to clone only the number of commits in this particular push.
I originally set the depth to 1 for speed, but now that I may need to scan a range, that’s no longer working. Yes, it’s highly unlikely that anyone will push more than (what I understand to be) the default depth of 50, but I’m tweaked by arbitrary values because sometimes outliers exist. Is it possible to determine the number of commits pushed and clone with more precision?