ci: bot workflow TOCTOU and execution hardening [PM-22117] #848
Merged
Contributor
Made-with: Cursor
6646de2 to
c6e0b2f
…-22117]
- Checkout by commit SHA instead of branch name to close TOCTOU window
- Remove .envrc sourcing; set EARTHLY_CONFIG explicitly via env: block
- Move pr_number from direct interpolation to env: block with process.env
Made-with: Cursor

…M-22117]
- Checkout by commit SHA instead of branch name to close TOCTOU window
- Remove .envrc sourcing; set EARTHLY_CONFIG explicitly via env: block
- Move pr_number from direct interpolation to env: block with process.env
Made-with: Cursor

- Checkout by commit SHA instead of branch name to close TOCTOU window
- Move pr_number from direct interpolation to env: block with process.env
Made-with: Cursor

…on [PM-22117]
- Checkout by commit SHA instead of branch name to close TOCTOU window
- Move pr_number from direct interpolation to env: block with process.env
- Move strategy from direct interpolation to env: block with process.env
Made-with: Cursor
…into fix/PM-22117-bot-workflow-security-hardening
Made-with: Cursor
…flow-security-hardening Made-with: Cursor # Conflicts: # .github/workflows/rebuild-metadata-bot.yml
Contributor
Author
|
/bot rebuild-metadata |
Contributor
|
✅ Metadata rebuild complete. No changes detected. |
Contributor
Author
|
/bot rebuild-chainspec qanet |
Contributor
|
❌ Chainspec rebuild failed. Check the workflow logs for details. |
Contributor
Author
|
/bot rebuild-chainspec devnet |
Contributor
|
✅ Chainspec rebuild complete! Changes have been committed. |
Contributor
Author
|
/bot cargo-fmt |
Contributor
|
✅ Cargo format complete. No changes detected. |
Contributor
Author
|
/bot fix-metadata-conflicts |
Contributor
|
❌ Failed to fix metadata conflicts. Check the workflow logs for details. |
Contributor
Author
|
/bot fix-metadata-conflicts accept-current |
Contributor
|
ℹ️ No conflicts detected between this PR and the |
ozgb
reviewed
Mar 4, 2026
ozgb
left a comment
Contributor
Looks good! chainspec changes need reverting before merge
12 tasks
Signed-off-by: Giles Cope <gilescope@gmail.com>
gilescope
approved these changes
Mar 13, 2026
gilescope
pushed a commit
that referenced
this pull request
Apr 8, 2026
This reverts commit 15cbc58.
m2ux
added a commit
that referenced
this pull request
Apr 23, 2026
This reverts commit 15cbc58. Signed-off-by: Mike Clay <mike.clay@shielded.io>
m2ux
added a commit
that referenced
this pull request
Apr 23, 2026
This reverts commit 15cbc58. Signed-off-by: Mike Clay <mike.clay@shielded.io>
Summary
Harden four comment-triggered bot workflows against TOCTOU race conditions and expression injection vulnerabilities identified by CI/CD security audit (M-F001, M-F002, M-F003, M-F004).
🎫 PM-22117 📐 Engineering 🧪 Test Plan
Motivation
Bot workflows (rebuild-metadata-bot, rebuild-chainspec-bot, cargo-fmt-bot, fix-metadata-conflicts-bot) check out PR code by branch name instead of commit SHA, creating a TOCTOU window where unreviewed commits can be injected between the permission check and code execution. In the two earthly-based bots, this code runs with repository secret access via .envrc sourcing and Docker privileged mode. Additionally, several workflows interpolate user-supplied inputs (pr_number, strategy) directly into JavaScript execution contexts, enabling expression injection.
Changes
.envrc sourcing (set EARTHLY_CONFIG explicitly), fixed pr_number expression injection via env: block
.envrc sourcing (set EARTHLY_CONFIG explicitly), fixed pr_number expression injection via env: block
pr_number expression injection via env: block
pr_number and strategy expression injection via env: blocks
📌 Submission Checklist
🔱 Fork Strategy
🗹 TODO before merging
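
A review-time check for the two patterns the description above names, written here as an added example and not taken from this PR or the project's workflows: it flags `${{ }}` expressions inside `script:` bodies (and, going slightly beyond the page, `run:` bodies) and checkout refs that are not a commit SHA. The workflow excerpt is constructed, and `auditWorkflow`, `isShaRef`, the step output names and the action versions are assumptions.

```javascript
// CONSTRUCTED workflow excerpt, not the project's file. Output names
// (head_ref, head_sha) and action versions are assumptions for illustration.
const SAMPLE_WORKFLOW = [
  '- uses: actions/checkout@v4',
  '  with:',
  '    ref: ${{ steps.pr.outputs.head_ref }}',      // branch name: can move
  '- uses: actions/github-script@v7',
  '  with:',
  '    script: |',
  '      const pr = ${{ inputs.pr_number }};',      // pasted into JS source
  '      core.info(`PR ${pr}`);',                   // JS template, not ${{ }}
  '- uses: actions/checkout@v4',
  '  with:',
  '    ref: ${{ steps.pr.outputs.head_sha }}',      // pinned commit
  '- uses: actions/github-script@v7',
  '  env:',
  '    PR_NUMBER: ${{ inputs.pr_number }}',         // passed as data
  '  with:',
  '    script: |',
  '      const pr = Number(process.env.PR_NUMBER);',
].join('\n');

// Heuristic: a 40-hex literal, or an expression whose last name ends in "sha".
function isShaRef(value) {
  const v = value.trim().replace(/^['"]|['"]$/g, '');
  return /^[0-9a-f]{40}$/i.test(v) || /^\$\{\{[^}]*sha\s*\}\}$/i.test(v);
}

// Line-based audit (hypothetical helper, no YAML parser): returns one finding
// per offending line with its 1-based line number and rule name.
function auditWorkflow(text) {
  const findings = [];
  let blockIndent = -1; // indent of the script:/run: key whose body we are in
  text.split('\n').forEach((line, i) => {
    if (line.trim() === '') return;
    const indent = line.search(/\S/);
    if (blockIndent >= 0 && indent <= blockIndent) blockIndent = -1; // body ended
    const add = (rule) => findings.push({ line: i + 1, rule });
    if (blockIndent >= 0) { if (line.includes('${{')) add('expr-in-script'); return; }
    const code = line.match(/^\s*(?:- )?(?:script|run):\s*(.*)$/);
    if (code) {
      if (/^[|>][+-]?$/.test(code[1].trim())) blockIndent = indent; // block scalar
      else if (code[1].includes('${{')) add('expr-in-script');      // one-liner
      return;
    }
    const ref = line.match(/^\s*ref:\s*(.+)$/);
    if (ref && !isShaRef(ref[1])) add('checkout-not-sha');
  });
  return findings;
}
console.log(auditWorkflow(SAMPLE_WORKFLOW));
```

The `env:` mapping on the second `github-script` step is not flagged: the expression is expanded into an environment variable, so the script reads it as a string through `process.env` instead of having it spliced into its source.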