git (on gitlab) fails with "error chunking dir \"/tmp/trufflehog-79-1064351127\": unable to resolve merge base: object not found"

[svenXY]

TruffleHog Version

"trufflehog_version": "3.94.3"

Trace Output

https://gist.github.com/svenXY/ab063d0bfb97e8882525f2e1dc9f5170

Expected Behavior

The command should scan from --since-commit main to --branch successfully

Actual Behavior

It fails with trufflehog encountered errors during scan {"job": 1, "source_name": "trufflehog - git", "errors": ["error chunking dir \"/tmp/trufflehog-76-3945075207\": unable to resolve merge base: object not found"]}

I'm getting the error as seen in the gist.

• Strangely, I have a very small repo for testing that does not have this problem
• also in the repository where this first happened, I had at least one run where it did not happen, too.
• Trying another repo, the problem shows up, too.
• I also tried with --trust-local-git-config to make sure it has nothing to do with the gitlab runner, but the error only changed to:

encountered errors during scan {"job": 1, "source_name": "trufflehog - git", "errors": ["error chunking dir \".\": unable to resolve merge base: object not found"]}

• I even went as far as using the SHA of base and head and passing those to the trufflehog command, but to no avail.
• Running the same command on the same branch checked out locally works fine, though.

Steps to Reproduce

1. Create a job in .gitlab-ci.yaml:

run_trufflehog:
  image:
    name: trufflesecurity/trufflehog
    entrypoint: ['']
  before_script:
    - git fetch origin
    - git checkout main
    - git checkout $CI_COMMIT_REF_NAME
    - git branch -a

  script:
    - trufflehog git file://. --since-commit main --branch $CI_COMMIT_REF_NAME --fail --fail-on-scan-errors

2. create a branch, push it and check your job output
3. See error

Environment

• GitLab Enterprise Edition v18.9.5-ee