security: fail closed when upload scanning is unavailable#9
Conversation
|
@codex review |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 9842bdc4f8
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
@codex review |
|
Codex Review: Didn't find any major issues. What shall we delve into next? Reviewed commit: ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
) * security: prevent production development-auth bypass (#8) * security: prevent production development-auth bypass Reject explicit development-auth bypass requests in production, use the real OIDC client by default, and add focused regression coverage for all supported application modes. Remediates audit finding F-001. * style: format F-001 remediation * docs: document development auth bypass opt-in * docs: keep development auth bypass opt-in * security: require production oidc settings * security: fail closed when upload scanning is unavailable (#9) * security: fail closed when upload scanning is unavailable * docs: anonymize F-002 run record * security: enforce default-branch governance (#10) * security: enforce default-branch governance * docs: namespace repository audit finding record * docs: disambiguate repository audit finding ID * fix(audit): consolidate OpenCode project configuration (#11)
* security: prevent production development-auth bypass Reject explicit development-auth bypass requests in production, use the real OIDC client by default, and add focused regression coverage for all supported application modes. Remediates audit finding F-001. * style: format F-001 remediation * docs: document development auth bypass opt-in * docs: keep development auth bypass opt-in * security: require production oidc settings * Enhance security measures and documentation for production settings (#12) * security: prevent production development-auth bypass (#8) * security: prevent production development-auth bypass Reject explicit development-auth bypass requests in production, use the real OIDC client by default, and add focused regression coverage for all supported application modes. Remediates audit finding F-001. * style: format F-001 remediation * docs: document development auth bypass opt-in * docs: keep development auth bypass opt-in * security: require production oidc settings * security: fail closed when upload scanning is unavailable (#9) * security: fail closed when upload scanning is unavailable * docs: anonymize F-002 run record * security: enforce default-branch governance (#10) * security: enforce default-branch governance * docs: namespace repository audit finding record * docs: disambiguate repository audit finding ID * fix(audit): consolidate OpenCode project configuration (#11)
* security: prevent production development-auth bypass Reject explicit development-auth bypass requests in production, use the real OIDC client by default, and add focused regression coverage for all supported application modes. Remediates audit finding F-001. * style: format F-001 remediation * docs: document development auth bypass opt-in * docs: keep development auth bypass opt-in * security: require production oidc settings * Enhance security measures and documentation for production settings (#12) * security: prevent production development-auth bypass (#8) * security: prevent production development-auth bypass Reject explicit development-auth bypass requests in production, use the real OIDC client by default, and add focused regression coverage for all supported application modes. Remediates audit finding F-001. * style: format F-001 remediation * docs: document development auth bypass opt-in * docs: keep development auth bypass opt-in * security: require production oidc settings * security: fail closed when upload scanning is unavailable (#9) * security: fail closed when upload scanning is unavailable * docs: anonymize F-002 run record * security: enforce default-branch governance (#10) * security: enforce default-branch governance * docs: namespace repository audit finding record * docs: disambiguate repository audit finding ID * fix(audit): consolidate OpenCode project configuration (#11)
Summary
SCAN_PROVIDER_NOT_CONFIGUREDscan provenanceSecurity impact
Before this change, the normal upload route treated every file as
CLEANwhen no scan provider was configured, despite recordingscanned: false. This allowed unscanned content to enter ingestion.After this change, the runtime fallback returns
ERROR. The existing workflow records the result, transitions the version toQUARANTINED, and does not create or publish an ingestion request.Validation
git diff --checkpassedCompatibility