SIGSEGV when running GH Action

[jakubmackowski]

TL;DR

I have very simple workflow file

name: Legitify Analyze
on:
    workflow_dispatch:

jobs:
  analyze:
    runs-on: ubuntu-latest
    steps:
      - name: Legitify Action
        uses: Legit-Labs/legitify@main
        with:
          github_token: ${{ secrets.PAT_FOR_LEGITIFY_ACTION }}
          upload_code_scanning: false

when run I am getting this error:

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x151b[3](https://github.com/relativityone/AppSec.Scripts/actions/runs/12409741975/job/34643957543#step:2:3)2e]

Error: Error: The process '/home/runner/work/_actions/Legit-Labs/legitify/main/legitify' failed with exit code 2
Error: Process completed with exit code 1.

Expected behavior

No error :-)

Observed behavior

No response

Version

legitify_base_version: 1.0

On which operating system are you using legitify?

Linux

Relevant log output

Run Legit-Labs/legitify@main
  with:
    github_token: ***
    upload_code_scanning: false
    analyze_self_only: false
    legitify_base_version: 1.0
    scorecard: no
    compile_legitify: false
    artifact_name: legitify-report
Run echo "" > "${GITHUB_ACTION_PATH}/ignored-policies"
  echo "" > "${GITHUB_ACTION_PATH}/ignored-policies"
  shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
Run actions/setup-node@v4
  with:
    node-version: 20
    always-auth: false
    check-latest: false
    token: ***
Found in cache @ /opt/hostedtoolcache/node/20.18.1/x64
Environment details
  node: v20.18.1
  npm: 10.8.2
  yarn: 1.22.22
Run cd "$GITHUB_ACTION_PATH"
  cd "$GITHUB_ACTION_PATH"
  node index.js
  shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
  env:
    github_token: ***
    analyze_self_only: false
    repositories: 
    legitify_base_version: 1.0
    scorecard: no
    upload_code_scanning: false
    compile_legitify: false
    ignore-policies-file: ./ignored-policies
    extra: 
downloading legitify binary from the following release URL: https://github.com/Legit-Labs/legitify/releases/download/v1.0.11/legitify_1.0.11_linux_amd64.tar.gz
execute legitify analyze: [
  'analyze',
  '--org',
  'relativityone',
  '--ignore-policies-file',
  './ignored-policies',
  '--output-format',
  'json',
  '--output-file',
  'legitify-output.json'
]
Error: The process '/home/runner/work/_actions/Legit-Labs/legitify/main/legitify' failed with exit code 2 | stderr: Using Github Cloud
Note: to get the OpenSSF scorecard results for the organization repositories use the --scorecard option

Progress bar is disabled because stderr is not a terminal. Starting collection...
Finished collecting actions
Finished collecting metadata
Finished collecting runner_group
Finished collecting organization
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x151b32e]

goroutine 8455 [running]:
github.com/Legit-Labs/legitify/internal/collectors/github.(*repositoryCollector).withRepositoryHooks(_, {0xc0008820d8, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0}, {0x0, 0x0, ...}, ...}, ...)
	/home/runner/work/legitify/legitify/internal/collectors/github/repository_collector.go:346 +0x1ae
github.com/Legit-Labs/legitify/internal/collectors/github.(*repositoryCollector).collectExtraData(0xc0004120a0, {0xc000042cb0, 0xd}, 0xc0008820d8, 0x1)
	/home/runner/work/legitify/legitify/internal/collectors/github/repository_collector.go:246 +0x170
github.com/Legit-Labs/legitify/internal/collectors/github.(*repositoryCollector).collectRepository(0xc0004120a0, 0x7370747468223a22?, {0xc000042cb0, 0xd}, 0xc0079595e0)
	/home/runner/work/legitify/legitify/internal/collectors/github/repository_collector.go:227 +0x65
github.com/Legit-Labs/legitify/internal/collectors/github.(*repositoryCollector).collectRepositories.func1.1()
	/home/runner/work/legitify/legitify/internal/collectors/github/repository_collector.go:210 +0x274
github.com/Legit-Labs/legitify/internal/common/group_waiter.(*GroupWaiter).Do.func1()
	/home/runner/work/legitify/legitify/internal/common/group_waiter/group_waiter.go:25 +0x5b
created by github.com/Legit-Labs/legitify/internal/common/group_waiter.(*GroupWaiter).Do
	/home/runner/work/legitify/legitify/internal/common/group_waiter/group_waiter.go:23 +0x8a

Error: Error: The process '/home/runner/work/_actions/Legit-Labs/legitify/main/legitify' failed with exit code 2
Error: Process completed with exit code 1.

Additional information

No response

[jakubmackowski]

@noamd-legit do you know if there is any workaround for this?