scan organization repos meet "index out of range"

[breeze7086]

When "Done cloning org repos." and then start "Listing users of the organization and their repositories and gists" it shows:

panic: runtime error: index out of range

goroutine 1 [running]:
main.cloneusergists(0x721c20, 0xc420018028, 0xc42008efc0, 0xc420374ac0, 0xb, 0x0, 0x0)
	/go/src/github.com/anshumanbh/git-all-secrets/main.go:249 +0x595
main.main()
	/go/src/github.com/anshumanbh/git-all-secrets/main.go:975 +0x77a

[anshumanbh]

Are you sure you are using the latest code? Do you mind testing it via the docker image instead? Please reopen this once you have verified that this is also happening via the docker image.

[breeze7086]

Thanks for your reply.
I'm sure of using the latest image.
Here is my Dockerfile

FROM abhartiya/tools_gitallsecrets:latest

RUN apk update && apk add openssh
COPY known_hosts /root/.ssh/

command line flags

docker run -it --rm -v ~/.ssh/id_rsa:/root/.ssh/id_rsa mayer.ma/tools_gitallsecrets -token=5f28004bc6d2411b3719f4092071099b1780c8a5 -org=<org> -enterpriseURL https://<api_url>/

[anshumanbh]

Based on the error, it looks like its having trouble cloning user gists. I am not sure how to test for this but I will keep this issue open for now. If I do encounter this during my testing, I will try to fix it.

[breeze7086]

Thanks!
More info when the error occurred.

git@<url>:<org>/<repo_name>.git
git@<url>:<org>/<repo_name>.git
Done cloning org repos.
Listing users of the organization and their repositories and gists
Cloning A's repositories
If the scanPrivateReposOnly flag is set, this will only scan the private repositories of this user. If that flag is not set, only public repositories are scanned. 
Done cloning user repos.
Cloning B's repositories
If the scanPrivateReposOnly flag is set, this will only scan the private repositories of this user. If that flag is not set, only public repositories are scanned. 
Done cloning user repos.
<Omit many of the same output. We have dozens of users in this organization>
Cloning Q's gists
Irrespective of the scanPrivateReposOnly flag being set or not, this will scan all public AND secret gists of a user whose token is provided
panic: runtime error: index out of range

goroutine 1 [running]:
main.cloneusergists(0x721c20, 0xc420016018, 0xc42008ed80, 0xc420016660, 0xb, 0x0, 0x0)
	/go/src/github.com/anshumanbh/git-all-secrets/main.go:249 +0x595
main.main()
	/go/src/github.com/anshumanbh/git-all-secrets/main.go:975 +0x77a

[anshumanbh]

My guess is the token that you provided, whoever that token belongs to, there is something wrong with the gists of that user. Can you try using a different token of a different user?

[breeze7086]

Sure, wait a minute.
The same result.
The crash point seems to look the same according to stdout.

[anshumanbh]

Erm, do you know Go? I guess, my next step would be to do some debugging by directly running the main.go file with the parameters you are providing, having some print statements to figure out where and why this is failing.

For me to replicate this, I'd need your SSH keys, token, and all the other parameters. Not sure if thats possible. I personally wouldn't want it but in order for me to figure out what's going on here, I'd need some sample input to reproduce this because I can't reproduce it on my own.

[breeze7086]

I'm trying to run this program in my enterprise Github. It's in the intranet environment.
It has strict confidentiality and privilege management. So I'm sorry for that.