Skip to content

fix(ci): validate release workflow version input#40

Merged
BunsDev merged 1 commit into
mainfrom
codex/fix-command-injection-in-release-workflow
Jun 6, 2026
Merged

fix(ci): validate release workflow version input#40
BunsDev merged 1 commit into
mainfrom
codex/fix-command-injection-in-release-workflow

Conversation

@BunsDev
Copy link
Copy Markdown
Member

@BunsDev BunsDev commented Jun 5, 2026

Motivation

  • Prevent command injection via the workflow_dispatch version input by avoiding direct interpolation of ${{ inputs.version }} into shell run blocks and by validating the supplied value.
  • Reduce blast radius if a future workflow issue is introduced by disabling persisted checkout credentials where the release job runs.

Description

  • Add an environment variable RELEASE_VERSION derived from the workflow input and use it in shell steps instead of ${{ inputs.version }}.
  • Add a Validate version input step that enforces a strict v-prefixed SemVer regex (e.g. v0.1.0) before any shell usage.
  • Replace direct uses of the input in checks and the release creation with the validated env variable (preflight tag checks, CURRENT_TAG, softprops/action-gh-release tag_name / name, and the gh workflow run dispatch).
  • Disable persisted checkout credentials (persist-credentials: false) in the release jobs to avoid exposing repo write creds to later shell commands.

Testing

  • Ran git diff --check and resolved whitespace/format issues, success.
  • Parsed the workflow YAML with Ruby: ruby -e 'require "yaml"; YAML.load_file(".github/workflows/release.yml")', success.
  • Verified there is no remaining ${{ inputs.version }} interpolation inside any run blocks with a Python check, success.
  • Regression check: simulated a malicious payload passed as RELEASE_VERSION via environment and verified the regex validation rejects payloads containing command substitutions and that no side-effect files are created, success.

Codex Task

Copilot AI review requested due to automatic review settings June 5, 2026 23:48
Copilot AI reviewed Jun 5, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Hardens the GitHub Actions release workflow against command injection by validating the workflow_dispatch version input and avoiding direct interpolation of the input in shell run blocks. It also reduces credential exposure during release-related checkouts by disabling persisted checkout credentials.

Changes:

  • Introduces RELEASE_VERSION workflow env var sourced from the dispatch input and uses it in shell steps.
  • Adds an early preflight validation step to enforce a v-prefixed SemVer-like tag format.
  • Disables persisted checkout credentials (persist-credentials: false) in preflight/build/release jobs and updates release/tag/dispatch steps to use the validated env var.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread .github/workflows/release.yml

- name: Validate version input
run: |
if [[ ! "$RELEASE_VERSION" =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z.-]+)?$ ]]; then
@BunsDev BunsDev merged commit a1314a3 into main Jun 6, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

aardvark codex

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@BunsDev