From 867935793b0e225c5b89511ec3f3feaa7c5b5fd9 Mon Sep 17 00:00:00 2001
From: Ben Zarboni <ben.zarboni@focisolutions.com>
Date: Fri, 24 Oct 2025 15:42:03 -0400
Subject: [PATCH 1/2] Fix errors when no GHAS repos found

---
 organizations/.github/workflows/ghas-policy-check.yaml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/organizations/.github/workflows/ghas-policy-check.yaml b/organizations/.github/workflows/ghas-policy-check.yaml
index 084c690..27dcf9f 100644
--- a/organizations/.github/workflows/ghas-policy-check.yaml
+++ b/organizations/.github/workflows/ghas-policy-check.yaml
@@ -29,10 +29,10 @@ jobs:
             - name: Get the list of repos with GHAS enabled
               id: repo_list
               run: |
-                    repos=$(echo $(./github-foundations-cli list repos --ghas ${{ github.workspace }}/projects))
+                    repos=$(echo $(./github-foundations-cli list repos --ghas ${{ github.workspace }}/projects 2>&1))
                     echo -e "Found repos: $repos"
-                    # Default to [] if repos is empty
-                    if [ -z "$repos" ]; then
+                    # Default to [] if repos is empty or contains error text
+                    if [ -z "$repos" ] || echo "$repos" | grep -qiE "(not found|panic|error|exception|fatal|fail)"; then
                       repos="[]"
                     else
                       repos=$(echo -e "${repos}" | sed s/\'/\"/g)
@@ -66,7 +66,7 @@ jobs:
                   workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITY_PROVIDER }}
 
             - name: For each repo, run the policy checks
-              uses: advanced-security/policy-as-code@v2.9.0
+              uses: advanced-security/policy-as-code@v2.7.2
               #   env:
               #     DEBUG: true
               with:

From 9ed1c0da41e41e825257440b9dd45e8f2c28aced Mon Sep 17 00:00:00 2001
From: Ben Zarboni <ben.zarboni@focisolutions.com>
Date: Mon, 27 Oct 2025 13:41:47 -0400
Subject: [PATCH 2/2] Revert copilot package downgrade

Signed-off-by: Ben Zarboni <ben.zarboni@focisolutions.com>
---
 organizations/.github/workflows/ghas-policy-check.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/organizations/.github/workflows/ghas-policy-check.yaml b/organizations/.github/workflows/ghas-policy-check.yaml
index 27dcf9f..b6818e7 100644
--- a/organizations/.github/workflows/ghas-policy-check.yaml
+++ b/organizations/.github/workflows/ghas-policy-check.yaml
@@ -66,7 +66,7 @@ jobs:
                   workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITY_PROVIDER }}
 
             - name: For each repo, run the policy checks
-              uses: advanced-security/policy-as-code@v2.7.2
+              uses: advanced-security/policy-as-code@v2.9.0
               #   env:
               #     DEBUG: true
               with: