[Security] Fix TOCTOU race in style-bot-action workflow#4183
Conversation
|
The docs for this PR live here. All of your documentation changes will be reflected on that endpoint. The docs are available until 30 days after the last update. |
Replace `git log --format=%cd` with GitHub Events API push timestamp (server-side, not forgeable). Falls back to API commit date if push event not in recent history. Fixes Cursor Bugbot finding on PR #4183. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
@cursor review |
|
@cursor review |
|
@cursor review |
|
@cursor review |
There was a problem hiding this comment.
✅ Bugbot reviewed your changes and found no new issues!
Comment @cursor review or bugbot run to trigger another review on this PR
Reviewed by Cursor Bugbot for commit 9aff1d5. Configure here.
|
@cursor review |
|
@cursor review |
|
@cursor review |
There was a problem hiding this comment.
✅ Bugbot reviewed your changes and found no new issues!
Comment @cursor review or bugbot run to trigger another review on this PR
Reviewed by Cursor Bugbot for commit 4dff5f4. Configure here.
4dff5f4 to
d5303fd
Compare
|
@cursor review |
There was a problem hiding this comment.
✅ Bugbot reviewed your changes and found no new issues!
Comment @cursor review or bugbot run to trigger another review on this PR
Reviewed by Cursor Bugbot for commit d5303fd. Configure here.
|
@cursor review |
There was a problem hiding this comment.
✅ Bugbot reviewed your changes and found no new issues!
Comment @cursor review or bugbot run to trigger another review on this PR
Reviewed by Cursor Bugbot for commit a070611. Configure here.
a070611 to
d87e6e6
Compare
b85b288 to
ed9b560
Compare
7bf2506 to
db5c4b2
Compare
a6cc91a to
bf6d1ba
Compare
bf6d1ba to
42642d4
Compare
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 42642d4. Configure here.
| description: "GitHub App ID used to generate a short-lived token" | ||
| app_private_key: | ||
| required: true | ||
| description: "GitHub App private key used to generate a short-lived token" |
There was a problem hiding this comment.
Caller workflow passes removed secret, missing required secrets
High Severity
The style-bot-action.yml reusable workflow now requires app_id and app_private_key secrets instead of bot_token. The calling workflow, style-bot.yml, still passes bot_token, leading to immediate failures as GitHub Actions rejects undeclared or missing required secrets.
Reviewed by Cursor Bugbot for commit 42642d4. Configure here.
## Summary - Bumps the pinned SHA of the reusable `style-bot-action.yml` workflow to the hardened version ([huggingface/huggingface_hub#4183](huggingface/huggingface_hub#4183)) - Switches from static PAT (`HF_STYLE_BOT_ACTION`) to GitHub App short-lived tokens (`HF_BOT_STYLE_APP_ID` + `HF_BOT_STYLE_SECRET_PEM`) - Drops `contents: write` (push is now handled inside the reusable workflow via the app token)⚠️ Requires `HF_BOT_STYLE_APP_ID` and `HF_BOT_STYLE_SECRET_PEM` secrets to be set in this repo's settings.
|
Thank you! |
|
This PR has been shipped as part of the v1.15.0 release. |
Note
Medium Risk
Medium risk because it restructures the style-bot GitHub Actions workflow, changing how code is checked out and how credentials are generated/passed for pushing fixes, which could break automation or alter permissions if misconfigured.
Overview
Hardens the
style-bot-actionreusable workflow against TOCTOU attacks when running on PRs. It now pins execution to the PRheadSha, verifies the SHA before running untrusted code and again before pushing, and replaces the previous timestamp-based git checks with a server-sidepushedDatecheck.Separates untrusted formatting from trusted push steps. The style run exports any changes as a binary patch artifact, and a new
push-style-fixesjob downloads/applies that patch and pushes using a short-lived GitHub App token (app_id/app_private_key) with tightened job permissions.Reviewed by Cursor Bugbot for commit 42642d4. Bugbot is set up for automated code reviews on this repo. Configure here.