…otection - Add permissions: read-all to build workflow - Add permissions: contents: write, packages: write to container workflow - Remove protect_from_forgery override in AttachmentsController (inherits from ApplicationController which uses :exception)
Pull request overview
This PR prepares the 3.0.0beta2 release with configuration improvements for AI-assisted development, GitHub Actions security hardening, and automated dependency management. The version is bumped from 3.0.0beta to 3.0.0beta2, and includes important security improvements by removing an unnecessary CSRF protection override.
Changes:
- Added AI agent guidelines and permissions configuration for safer automated coding workflows
- Hardened GitHub Actions workflows with explicit read-only permissions following security best practices
- Configured automated dependency updates via Dependabot for bundler and npm
- Removed unnecessary CSRF protection override in AttachmentsController (CSRF tokens are automatically handled client-side)
Reviewed changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| lib/radvent/version.rb | Version bump from 3.0.0beta to 3.0.0beta2 |
| opencode.jsonc | Added permission configuration for AI coding tools with safe defaults (deny git push, ask for commits/edits) |
| AGENTS.md | Added comprehensive guidelines for AI agents including Git Flow workflow and safety rules |
| app/controllers/attachments_controller.rb | Removed redundant CSRF protection override (jQuery automatically sends CSRF tokens) |
| .github/workflows/container.yml | Added read-only contents permission for security hardening |
| .github/workflows/build.yml | Added read-only contents permission for security hardening |
| .github/dependabot.yml | Configured automated weekly dependency updates for bundler and npm ecosystems |
| target-branch: develop | ||
| updates: | ||
| - package-ecosystem: "bundler" | ||
| directory: "/" | ||
| schedule: | ||
| interval: "weekly" | ||
| open-pull-requests-limit: 10 | ||
| - package-ecosystem: "npm" | ||
| directory: "/" |
The target-branch field is not a valid top-level configuration option in Dependabot v2 schema. To configure the target branch for pull requests, use the target-branch field under each updates entry instead. For example:

```yaml
updates:
  - package-ecosystem: "bundler"
    directory: "/"
    target-branch: "develop"
    schedule:
      interval: "weekly"
```

Alternatively, if you want all Dependabot PRs to target the develop branch, you may need to set the default branch in the repository settings to develop.
| target-branch: develop | |
| updates: | |
| - package-ecosystem: "bundler" | |
| directory: "/" | |
| schedule: | |
| interval: "weekly" | |
| open-pull-requests-limit: 10 | |
| - package-ecosystem: "npm" | |
| directory: "/" | |
| updates: | |
| - package-ecosystem: "bundler" | |
| directory: "/" | |
| target-branch: develop | |
| schedule: | |
| interval: "weekly" | |
| open-pull-requests-limit: 10 | |
| - package-ecosystem: "npm" | |
| directory: "/" | |
| target-branch: develop |
| "bash": { | ||
| "*": "ask", | ||
| "ls *": "allow", | ||
| "cat *": "allow", |
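Review bot: the "ls *": "allow" rule on the line above the cat rule carries the same unrestricted wildcard, so the agent can list any directory without confirmation, including ones outside the repository, and the file names alone show which keys and credential files exist. Consider scoping the ls rule to the workspace or setting it to "ask", in line with the "*": "ask" default.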
The "cat *": "allow" permission lets the agent run cat on arbitrary paths without user confirmation, enabling it to read sensitive files such as SSH keys, API tokens, or local configuration secrets. An attacker who controls prompts or external content consumed by the agent could inject instructions to cat sensitive files and have their contents exfiltrated via the LLM output. Consider requiring ask (or stricter) for cat commands and limiting file reads to a constrained workspace or explicit allowlist of safe paths.
| "cat *": "allow", | |
| "cat *": "ask", |
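One way to implement the "constrained workspace" restriction recommended in the review comment above, as an added Ruby example that is not code from this PR or from opencode. The `read_decision` helper, the `SENSITIVE` list and the sample files are hypothetical and constructed for illustration.

```ruby
require "pathname"
require "tmpdir"
require "fileutils"

# Hypothetical guard, not part of opencode: returns "allow" when an agent's
# file read may run unattended and "ask" when the user must confirm it.
# Constructed, deliberately short list of file names that usually hold secrets.
SENSITIVE = [/\A\.env(\..*)?\z/, /\Aid_(rsa|ecdsa|ed25519)\z/, /\.(pem|key)\z/].freeze

def read_decision(workspace, requested)
  root = Pathname.new(workspace).realpath
  # expand_path folds "..", "~" and absolute paths into one absolute path.
  target = Pathname.new(File.expand_path(requested, root.to_s))
  # Follow symlinks so a link inside the workspace cannot point outside it;
  # a dangling link raises ENOENT and falls through to "ask".
  target = target.realpath if target.exist? || target.symlink?
  # Compare with a trailing separator so "/ws-old" is not taken for "/ws".
  return "ask" unless target.to_s.start_with?(root.to_s + File::SEPARATOR)
  parts = target.relative_path_from(root).each_filename
  return "ask" if parts.any? { |name| SENSITIVE.any? { |re| re.match?(name) } }
  "allow"
rescue ArgumentError, SystemCallError
  "ask" # unresolvable input is never auto-approved
end

# Builds a constructed workspace in a temp dir and returns each decision.
def demo_decisions
  Dir.mktmpdir do |base|
    ws = File.join(base, "project")
    FileUtils.mkdir_p(File.join(ws, "app"))
    File.write(File.join(ws, "app", "model.rb"), "# constructed source file\n")
    File.write(File.join(ws, ".env"), "TOKEN=constructed\n")
    File.write(File.join(base, "outside.txt"), "constructed file outside\n")
    File.symlink(File.join(base, "outside.txt"), File.join(ws, "notes.txt"))
    ["app/model.rb", ".env", "../outside.txt", "notes.txt", "/etc/hostname"]
      .to_h { |path| [path, read_decision(ws, path)] }
  end
end

demo_decisions.each { |path, decision| puts format("%-16s %s", path, decision) } if $PROGRAM_NAME == __FILE__
```

Only the ordinary source file is auto-approved; the traversal, the symlink that leaves the workspace, the absolute path and the in-workspace `.env` all fall back to confirmation.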
No description provided.