Fix errors when no GHAS repos found

[bzarboni1]

Clone of issue found in Foci repo:

https://github.com/foci-github-foundations/organizations/pull/254

[gemini-code-assist]

Summary of Changes

Hello @bzarboni1, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request resolves an issue in the GHAS policy check workflow where it would fail when no GitHub Advanced Security (GHAS) enabled repositories were present. The changes enhance the script's ability to gracefully handle scenarios where the repository listing command either returns no results or outputs an error, preventing workflow failures and ensuring continued operation. Additionally, a specific GitHub Action has been downgraded to a stable version to maintain compatibility and reliability.

Highlights

• Improved Error Handling for GHAS Repo Detection: The workflow now captures standard error output from the github-foundations-cli command and includes a more robust check for common error messages (e.g., 'not found', 'panic', 'error') in addition to empty output, ensuring the repos variable defaults to an empty array when no GHAS repos are genuinely found or an error occurs.
• GitHub Action Version Downgrade: The advanced-security/policy-as-code action has been reverted from version v2.9.0 to v2.7.2, likely to address a regression or incompatibility that caused issues when no GHAS repositories were identified.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request fixes an issue where the workflow would fail if no GHAS-enabled repositories were found. The changes correctly capture potential errors from the CLI tool and handle them by providing a default empty list, preventing downstream jobs from failing. Additionally, the advanced-security/policy-as-code action is downgraded. My review includes a suggestion to improve the robustness of a shell command and a recommendation to document the reason for the action downgrade for future maintainability.