From cd719eeb8a7e7d287d359c56656dac78820b2be0 Mon Sep 17 00:00:00 2001
From: Linpeng Zhang <linpeng.zhang@lacework.net>
Date: Wed, 13 Mar 2024 17:51:26 +0000
Subject: [PATCH] skip autofix on 'old' target

---
 src/util.ts | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/util.ts b/src/util.ts
index 5659a716..c6abc3b9 100644
--- a/src/util.ts
+++ b/src/util.ts
@@ -24,7 +24,9 @@ export function getActionRef(): string {
 }
 
 export function autofix() {
-  return getBooleanInput('autofix')
+  // autofix does fix all vulnerabilities, regardless of whether they are newly introduced or no
+  // for this reason, we skip if we are scanning the old branch
+  return getBooleanInput('autofix') && getInput('target') != 'old'
 }
 
 export function dynamic() {