Skip to content

fix(sec): harden remaining workflow shell injection points and urllib guard#171

Merged
longieirl merged 2 commits into
mainfrom
fix/sec-remaining-workflow-injections
May 4, 2026
Merged

fix(sec): harden remaining workflow shell injection points and urllib guard#171
longieirl merged 2 commits into
mainfrom
fix/sec-remaining-workflow-injections

Conversation

@longieirl
Copy link
Copy Markdown
Owner

@longieirl longieirl commented May 4, 2026

Summary

Follow-on from #170. Independent code review of the shell injection fix identified three additional workflow files carrying the same ${{ github.* }} / ${{ needs.*.outputs.* }} interpolation-in-run pattern, plus a urllib input validation gap in scripts/supply_chain_risk.py.

Closes #168 (remaining gaps identified by independent review).
Closes #169 (urllib file:// vector hardened before script enters CI).

Changes

Workflow hardening (shell injection — same pattern as PR #170)

File Steps fixed Prior risk
release.yml Verify version consistency, Extract metadata, Verify image, Extract changelog, Release summary High — workflow has contents: write + packages: write permissions
thank-you-sync.yml Add all committers, Commit and Push Low — PR number is integer, but consistent with project posture
ci.yml Smoke-test image Low — PR number is integer

All ${{ ... }} expressions moved to env: blocks; run: scripts reference ${ENV_VAR} only.

scripts/supply_chain_risk.py — PyPI name validation guard

Added _PYPI_NAME_RE (PEP 508 package name regex) that rejects any package_name not matching ^[A-Za-z0-9]([A-Za-z0-9._-]*[A-Za-z0-9])?$ before the urllib.request.urlopen call. This eliminates any theoretical path-traversal or scheme-injection vector if this script is ever wired into CI with an untrusted SBOM as input.

Type

  • Security

Testing

  • Workflow-only changes verified by reading final file state
  • supply_chain_risk.py change is a pure guard — returns {} for invalid names, same as the existing error path; no behaviour change for valid PyPI names
  • Tests pass (coverage ≥ 91%) — no Python package source changed

Checklist

  • Code follows project style
  • Self-reviewed
  • No new warnings

Downstream impact

  • This PR changes a public interface in bankstatements_core

@web-flow
fix(sec): harden remaining workflow shell injection points and urllib…
72407a2 
… guard

Move all remaining ${{ github.* }} and ${{ needs.*.outputs.* }} context
expressions out of run: blocks into env: in release.yml, ci.yml, and
thank-you-sync.yml. Addresses the injection pattern found by independent
code review on PR #170 (closes #168 follow-on gaps).

Also adds a PyPI name regex guard in supply_chain_risk.py to reject
package names that do not conform to PEP 508, future-proofing the
urllib call before this script is promoted to CI (closes #169).
@longieirl longieirl self-assigned this May 4, 2026
@github-actions github-actions Bot added bug Something isn't working ci labels May 4, 2026
@longieirl longieirl merged commit 200c637 into main May 4, 2026
11 checks passed
@longieirl longieirl deleted the fix/sec-remaining-workflow-injections branch May 4, 2026 10:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@longieirl longieirl

Labels

bug Something isn't working ci

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

sec: dynamic urllib use in supply_chain_risk.py allows file:// scheme sec: shell injection via github.ref_name in release-core.yml run steps

2 participants

@longieirl @web-flow