From 00c0952dd1a56f4b13e77f9c73401a2158648852 Mon Sep 17 00:00:00 2001
From: virendra vyas <vvyas@systango.com>
Date: Mon, 2 Feb 2026 19:35:20 +0530
Subject: [PATCH] fix: fixed the path local issue in script

---
 install-gitleaks-global.sh | 43 +++++++++++++++++++------
 update-all-repos.sh        | 64 ++++++++++++++++++++++++++++++--------
 2 files changed, 85 insertions(+), 22 deletions(-)

diff --git a/install-gitleaks-global.sh b/install-gitleaks-global.sh
index df325f576..175dcb573 100755
--- a/install-gitleaks-global.sh
+++ b/install-gitleaks-global.sh
@@ -115,11 +115,23 @@ NC='\033[0m' # No Color
 
 # Function to run gitleaks scan
 run_gitleaks_scan() {
-    # Check if gitleaks is installed
-    if ! command -v gitleaks &> /dev/null; then
-        echo -e "${RED}Error: gitleaks is not installed${NC}"
+    # Add common gitleaks installation paths to PATH
+    export PATH="/usr/local/bin:/opt/homebrew/bin:/usr/bin:/bin:$PATH"
+    
+    # Try to find gitleaks executable
+    GITLEAKS_BIN=""
+    for gitleaks_path in /usr/local/bin/gitleaks /opt/homebrew/bin/gitleaks /usr/bin/gitleaks $(which gitleaks 2>/dev/null); do
+      if [ -x "$gitleaks_path" ] 2>/dev/null; then
+        GITLEAKS_BIN="$gitleaks_path"
+        break
+      fi
+    done
+    
+    if [ -z "$GITLEAKS_BIN" ]; then
+        echo -e "${RED}Error: gitleaks is not installed or not found in PATH${NC}"
         echo "Install it from: https://github.com/gitleaks/gitleaks"
         echo "Or run: brew install gitleaks (macOS) or go install github.com/gitleaks/gitleaks/v8@latest"
+        echo "Searched paths: /usr/local/bin, /opt/homebrew/bin, /usr/bin"
         return 1
     fi
 
@@ -131,11 +143,12 @@ run_gitleaks_scan() {
 
     # Run gitleaks on staged changes
     echo -e "${YELLOW}🔍 Scanning for secrets with gitleaks...${NC}"
+    echo -e "${YELLOW}Using: $GITLEAKS_BIN${NC}"
 
     if [ -n "$GITLEAKS_CONFIG" ]; then
-        gitleaks protect --staged --redact --config="$GITLEAKS_CONFIG" --verbose
+        "$GITLEAKS_BIN" protect --staged --redact --config="$GITLEAKS_CONFIG" --verbose
     else
-        gitleaks protect --staged --redact --verbose
+        "$GITLEAKS_BIN" protect --staged --redact --verbose
     fi
 
     if [ $? -eq 0 ]; then
@@ -174,8 +187,20 @@ cat > "$TEMPLATE_DIR/hooks/commit-msg" << 'EOF'
 # Gitleaks commit-msg hook (Smart Auto-Detecting)
 # This is a secondary check in case pre-commit was bypassed
 
-# Skip if gitleaks not installed
-if ! command -v gitleaks &> /dev/null; then
+# Add common gitleaks installation paths to PATH
+export PATH="/usr/local/bin:/opt/homebrew/bin:/usr/bin:/bin:$PATH"
+
+# Find gitleaks executable
+GITLEAKS_BIN=""
+for gitleaks_path in /usr/local/bin/gitleaks /opt/homebrew/bin/gitleaks /usr/bin/gitleaks; do
+  if [ -x "$gitleaks_path" ] 2>/dev/null; then
+    GITLEAKS_BIN="$gitleaks_path"
+    break
+  fi
+done
+
+# Skip if gitleaks not found
+if [ -z "$GITLEAKS_BIN" ]; then
     exit 0
 fi
 
@@ -195,9 +220,9 @@ fi
 
 # Silent check on commit
 if [ -n "$GITLEAKS_CONFIG" ]; then
-    gitleaks protect --staged --redact --config="$GITLEAKS_CONFIG" > /dev/null 2>&1
+    "$GITLEAKS_BIN" protect --staged --redact --config="$GITLEAKS_CONFIG" > /dev/null 2>&1
 else
-    gitleaks protect --staged --redact > /dev/null 2>&1
+    "$GITLEAKS_BIN" protect --staged --redact > /dev/null 2>&1
 fi
 
 if [ $? -ne 0 ]; then
diff --git a/update-all-repos.sh b/update-all-repos.sh
index 2e92b27ca..932331d6b 100755
--- a/update-all-repos.sh
+++ b/update-all-repos.sh
@@ -98,19 +98,29 @@ function inject_gitleaks_husky {
 
 # Gitleaks secret scanning (auto-injected by gitleaks)
 # Add common gitleaks installation paths to PATH for Husky non-login shell
-export PATH="/usr/local/bin:/opt/homebrew/bin:$PATH"
+export PATH="/usr/local/bin:/opt/homebrew/bin:/usr/bin:/bin:$PATH"
 
-if command -v gitleaks &> /dev/null; then
+# Try to find gitleaks
+GITLEAKS_BIN=""
+for gitleaks_path in /usr/local/bin/gitleaks /opt/homebrew/bin/gitleaks /usr/bin/gitleaks $(which gitleaks 2>/dev/null); do
+  if [ -x "$gitleaks_path" ] 2>/dev/null; then
+    GITLEAKS_BIN="$gitleaks_path"
+    break
+  fi
+done
+
+if [ -n "$GITLEAKS_BIN" ]; then
   echo "🔍 Scanning for secrets with gitleaks..."
   GITLEAKS_CONFIG="$HOME/.config/gitleaks/gitleaks.toml"
   if [ -f "$GITLEAKS_CONFIG" ]; then
-    gitleaks protect --staged --redact --verbose --config="$GITLEAKS_CONFIG" || exit 1
+    "$GITLEAKS_BIN" protect --staged --redact --verbose --config="$GITLEAKS_CONFIG" || exit 1
   else
-    gitleaks protect --staged --redact --verbose || exit 1
+    "$GITLEAKS_BIN" protect --staged --redact --verbose || exit 1
   fi
   echo "✓ No secrets detected"
 else
-  echo "⚠ Warning: gitleaks not found, skipping secret scan"
+  echo "⚠ Warning: gitleaks not found in PATH, skipping secret scan"
+  echo "  Searched: /usr/local/bin, /opt/homebrew/bin, /usr/bin"
 fi
 GITLEAKS_INJECT
       injected=true
@@ -122,17 +132,30 @@ GITLEAKS_INJECT
     cat >> "$temp_file" << 'GITLEAKS_INJECT'
 
 # Gitleaks secret scanning (auto-injected by gitleaks)
-if command -v gitleaks &> /dev/null; then
+# Add common gitleaks installation paths to PATH for Husky non-login shell
+export PATH="/usr/local/bin:/opt/homebrew/bin:/usr/bin:/bin:$PATH"
+
+# Try to find gitleaks
+GITLEAKS_BIN=""
+for gitleaks_path in /usr/local/bin/gitleaks /opt/homebrew/bin/gitleaks /usr/bin/gitleaks $(which gitleaks 2>/dev/null); do
+  if [ -x "$gitleaks_path" ] 2>/dev/null; then
+    GITLEAKS_BIN="$gitleaks_path"
+    break
+  fi
+done
+
+if [ -n "$GITLEAKS_BIN" ]; then
   echo "🔍 Scanning for secrets with gitleaks..."
   GITLEAKS_CONFIG="$HOME/.config/gitleaks/gitleaks.toml"
   if [ -f "$GITLEAKS_CONFIG" ]; then
-    gitleaks protect --staged --redact --verbose --config="$GITLEAKS_CONFIG" || exit 1
+    "$GITLEAKS_BIN" protect --staged --redact --verbose --config="$GITLEAKS_CONFIG" || exit 1
   else
-    gitleaks protect --staged --redact --verbose || exit 1
+    "$GITLEAKS_BIN" protect --staged --redact --verbose || exit 1
   fi
   echo "✓ No secrets detected"
 else
-  echo "⚠ Warning: gitleaks not found, skipping secret scan"
+  echo "⚠ Warning: gitleaks not found in PATH, skipping secret scan"
+  echo "  Searched: /usr/local/bin, /opt/homebrew/bin, /usr/bin"
 fi
 GITLEAKS_INJECT
   fi
@@ -163,18 +186,33 @@ function create_husky_precommit {
   }
   
   cat > "$hook_file" << 'HUSKY_HOOK'
+#!/bin/sh
+
 # Gitleaks secret scanning (auto-injected by gitleaks)
-if command -v gitleaks &> /dev/null; then
+# Add common gitleaks installation paths to PATH for Husky non-login shell
+export PATH="/usr/local/bin:/opt/homebrew/bin:/usr/bin:/bin:$PATH"
+
+# Try to find gitleaks
+GITLEAKS_BIN=""
+for gitleaks_path in /usr/local/bin/gitleaks /opt/homebrew/bin/gitleaks /usr/bin/gitleaks $(which gitleaks 2>/dev/null); do
+  if [ -x "$gitleaks_path" ] 2>/dev/null; then
+    GITLEAKS_BIN="$gitleaks_path"
+    break
+  fi
+done
+
+if [ -n "$GITLEAKS_BIN" ]; then
   echo "🔍 Scanning for secrets with gitleaks..."
   GITLEAKS_CONFIG="$HOME/.config/gitleaks/gitleaks.toml"
   if [ -f "$GITLEAKS_CONFIG" ]; then
-    gitleaks protect --staged --redact --verbose --config="$GITLEAKS_CONFIG" || exit 1
+    "$GITLEAKS_BIN" protect --staged --redact --verbose --config="$GITLEAKS_CONFIG" || exit 1
   else
-    gitleaks protect --staged --redact --verbose || exit 1
+    "$GITLEAKS_BIN" protect --staged --redact --verbose || exit 1
   fi
   echo "✓ No secrets detected"
 else
-  echo "⚠ Warning: gitleaks not found, skipping secret scan"
+  echo "⚠ Warning: gitleaks not found in PATH, skipping secret scan"
+  echo "  Searched: /usr/local/bin, /opt/homebrew/bin, /usr/bin"
 fi
 HUSKY_HOOK