fix(ci): require maintainer association for /update-snapshots trigger#532
Merged
The issue_comment trigger previously ran for any commenter on a PR. On a public repo this lets drive-by users trigger a job with contents:write that checks out the PR branch, runs playwright --update-snapshots, and pushes a [skip ci] commit. Gate the issue_comment path on author_association being OWNER, MEMBER or COLLABORATOR. workflow_dispatch is unchanged (already requires repo write access).
jonathanhefner approved these changes (Mar 6, 2026)
ochafik added a commit that referenced this pull request (Mar 10, 2026):
Changes since 1.2.0:
- fix: bundle SDK+zod in react-with-deps (was byte-identical to ./react) (#539)
- fix(build): copy schema.json to dist and externalize zod (#534)
- fix: skip debug log for high-frequency tool-input-partial notifications (#546)
- fix(deps): drop @hono/node-server override to patch GHSA-wc8c-qw6v-h7f6 (#535)
- fix(readme): use picture element for theme-aware logo (#545)
- fix(ci): require maintainer association for /update-snapshots trigger (#532)
- fix: pre-commit stages only originally-staged files; add .npmrc (#538)
- ci: use npm ci with caching, validate typedoc links, align Node versions (#533)
- test: exclude screenshot-gen from default E2E run; wire pdf-server tests (#537)
Problem
.github/workflows/update-snapshots.yml triggers on issue_comment whenever a PR comment contains /update-snapshots, with no check on who posted the comment.
Attack vector
On a public repo, anyone who can comment on a PR can:
- comment /update-snapshots on any open PR
- the job runs with permissions: contents: write
- it checks out the PR branch, runs playwright test --update-snapshots, and pushes a commit with [skip ci]
The [skip ci] tag means the pushed commit bypasses CI. Combined with PR approval rules that don't dismiss on new commits, this lets unreviewed pixel changes land.
Fix
Add a github.event.comment.author_association check to the job's existing if: condition. Only OWNER, MEMBER, or COLLABORATOR can trigger the comment path. The workflow_dispatch path is unchanged — it already requires repo write access to invoke.
Diff
Unauthorized comments now silently skip the job (no reaction, no comment — can add a deny-reaction job later if desired).
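For reference, here is what the gated job looks like as a complete workflow. This is an added illustration, not the project's actual .github/workflows/update-snapshots.yml: the shape of the pre-existing if: condition, the job name, and the checkout step are assumed; only the author_association allowlist and the event names come from the description above.

```yaml
# Illustrative workflow (assumed layout, not the project's own file).
on:
  workflow_dispatch:
  issue_comment:
    types: [created]

permissions:
  contents: write   # needed to push the refreshed snapshots

jobs:
  update-snapshots:
    # workflow_dispatch already requires write access, so it passes through.
    # The issue_comment path is gated three ways:
    #   1. the comment must be on a PR, not a plain issue
    #      (issue_comment fires for both; issue.pull_request is only set for PRs)
    #   2. the comment body must contain the trigger phrase
    #   3. the commenter must be OWNER, MEMBER or COLLABORATOR.
    #      CONTRIBUTOR is deliberately absent: GitHub assigns it to anyone
    #      whose commit was ever merged, so it is not a trust boundary.
    if: >-
      github.event_name == 'workflow_dispatch' ||
      (
        github.event.issue.pull_request &&
        contains(github.event.comment.body, '/update-snapshots') &&
        contains(fromJSON('["OWNER","MEMBER","COLLABORATOR"]'),
                 github.event.comment.author_association)
      )
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      # issue_comment checks out the default branch, so switch to the PR head.
      # (Assumed step; the real workflow may resolve the PR ref differently.)
      - name: Check out PR branch
        if: github.event_name == 'issue_comment'
        run: gh pr checkout "${{ github.event.issue.number }}"
        env:
          GH_TOKEN: ${{ github.token }}
      - run: npx playwright test --update-snapshots
      # Push step omitted; the [skip ci] commit is as described in the PR body.
```

Two points worth checking when reviewing a gate like this: author_association is evaluated by GitHub from the commenter's relationship to the repository, not from anything in the comment itself, so it cannot be spoofed by the comment body; and because the whole job is skipped rather than failed, an unauthorized trigger leaves no visible trace in the PR, which is why the description above mentions a possible deny-reaction job.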