New files aren't scanned

Description

Bitbucket sometimes categorizes new files as UPDATEs and not ADDs, and this causes the security hook to miscategorize the changes for scanning.

Steps to reproduce:

  1. Make sure hook is on at all levels.

  2. Push a repository.

  3. Add a new file with a vulnerability. Mine looked like this:
    diff --git a/src/main/java/com/mohamicorp/bitbucket/commitgraph/servlet/add_file b/src/main/java/com/mohamicorp/bitbucket/commitgraph/servlet/add_file
    new file mode 100644
    index 0000000..0ea6646

    •  

      • /dev/null
        +++ b/src/main/java/com/mohamicorp/bitbucket/commitgraph/servlet/add_file
        @@ -0,0 +1,3 @@
        +
        +
        +const AWSSECRET = \"7CE556A3BC234CC1FF9E8A5C324C0BB70AA21B6D\"
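
Review bot: on the last added line, `+const AWSSECRET = \"7CE5...`, the quotes appear as `\"`, and the report does not say whether those backslashes are in the committed file or come from how the diff was copied. If they are in the file, a rule that expects a plain quoted string could miss the line for a reason unrelated to the ADD/UPDATE classification, so state which it is, and push the same line as an edit to an existing file as a control. The header lines `new file mode 100644` and `index 0000000..0ea6646` show that git itself treats this as an added file, which is worth recording next to the change type Bitbucket reported for the same push.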

  4. Push the change, and you'll see it go through when it shouldn't.
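
A sketch of a scan that does not depend on the change type the server reports, added here as an example and not taken from the hook's own code. The regex rule, the `reported_type` parameter and the sample diff are assumptions constructed for illustration; the scan reads every added line and only records when git's new-file markers disagree with the reported type.

```python
import re

# Assumed detection rule for this example: a name containing "secret"
# assigned a quoted 40-character hex string (quotes may be backslash-escaped).
SECRET_RE = re.compile(r'(?i)\w*secret\w*\s*=\s*\\?"([0-9a-f]{40})\\?"')
HUNK_RE = re.compile(r'^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@')

def scan_diff(diff_text, reported_type):
    """Scan every added line; reported_type is recorded, never used as a gate."""
    findings = []
    path, git_new, in_hunk, lineno = None, False, False, 0
    for line in diff_text.splitlines():
        if line.startswith('diff --git '):
            path, git_new, in_hunk = None, False, False
        elif not in_hunk and (line.startswith('new file mode')
                              or re.match(r'index 0+\.\.', line)
                              or line == '--- /dev/null'):
            git_new = True          # git's own markers for a brand-new file
        elif not in_hunk and line.startswith('+++ b/'):
            path = line[len('+++ b/'):]
        elif (m := HUNK_RE.match(line)):
            in_hunk, lineno = True, int(m.group(1))
        elif in_hunk and line.startswith('+'):
            if SECRET_RE.search(line[1:]):
                findings.append({
                    'path': path, 'line': lineno, 'git_new_file': git_new,
                    'reported_type': reported_type,
                    # new according to git, but labelled otherwise by the server
                    'type_mismatch': git_new and reported_type != 'ADD',
                })
            lineno += 1
        elif in_hunk and line.startswith(' '):
            lineno += 1             # context line advances the new-file counter
    return findings

# Constructed sample: a new file whose third line holds a made-up value.
SAMPLE = '''diff --git a/src/add_file b/src/add_file
new file mode 100644
index 0000000..1111111
--- /dev/null
+++ b/src/add_file
@@ -0,0 +1,3 @@
+
+
+const AWSSECRET = "0123456789ABCDEF0123456789ABCDEF01234567"
'''

if __name__ == '__main__':
    for finding in scan_diff(SAMPLE, reported_type='UPDATE'):
        print(finding)
```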

Environment

None

Assignee

Mohammed Davoodi

Reporter

Mohammed Davoodi

Labels

None

Github URL

None

Sprint

None

Priority

High