Workflow actors are able to approve their own PRs. #110185
Unanswered
jobinjosem1
asked this question in
Pull Requests
Replies: 1 comment
This is not an answer, just something that might help in understanding what's going on. As far as I understood, the author of the PR is neither the git.committer nor the git.author, but the PAT owner who did the clone. So
What happened?
Workflow actors are able to approve their own PRs.
Problem
When a GitHub Workflow is manually triggered and a new pull request is created, the person who triggered the workflow is able to approve the new PR. However, this creates a vulnerability, because other changes can be incorporated into the same PR, allowing self-approved changes to be merged into the main branch.
Cause
The issue arises because the last pusher on the PR is set to github-actions, not the effective actor of the workflow. We have attempted to set the git user.name to that of the github_actor, which shows that the commits are made by the user who ran the workflow. However, the user can still approve their own changes. The branch protection policies are in place, so they can't approve any other changes they make. Only the changes made by the workflow can be approved by the user. We are using GH_TOKEN: ${{ github.token }} for authentication, not the user PAT.
Does anyone know a possible workaround other than using a personal PAT token? We have the branch protection enabled as shown in the picture.
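One workaround that does not need a PAT is a required status check that re-derives who is really behind each commit and rejects approvals from that person. The check below is an added example written for this thread, not code from the thread or from GitHub; it assumes the workflow sets git user.name to github.actor (as described above), so a commit whose committer is github-actions[bot] carries the triggering user in commit.author.name, and it runs over constructed data shaped like the REST responses for /pulls/{n}/commits and /pulls/{n}/reviews.

```python
"""Merge-gate check: refuse approvals that come from the actor behind the
PR's own commits, even when the push was made by github-actions[bot].
Added example for this thread; not code from the thread or from GitHub."""
from typing import Iterable

# Logins that act on behalf of the workflow trigger rather than a reviewer.
BOT_LOGINS = {"github-actions[bot]"}


def effective_actors(commits: Iterable[dict]) -> set:
    """Map each commit to the human behind it.

    Assumption: the workflow sets git user.name to github.actor, so a commit
    pushed by the bot carries the triggering user in commit.author.name.
    """
    actors = set()
    for c in commits:
        committer_login = (c.get("committer") or {}).get("login")
        if committer_login in BOT_LOGINS or committer_login is None:
            actors.add(c["commit"]["author"]["name"])
        else:
            actors.add(committer_login)
    return actors


def check_approvals(commits: list, reviews: list, required: int = 1) -> dict:
    """Split APPROVED reviews into self-approvals and independent ones."""
    actors = effective_actors(commits)
    approvers = {r["user"]["login"] for r in reviews if r["state"] == "APPROVED"}
    self_approved = sorted(approvers & actors)
    independent = sorted(approvers - actors)
    return {
        "self_approvals": self_approved,
        "independent_approvals": independent,
        "ok": len(independent) >= required,
    }


# Constructed sample shaped like the REST responses for
# /pulls/{n}/commits and /pulls/{n}/reviews (logins are placeholders).
SAMPLE_COMMITS = [
    {"committer": {"login": "github-actions[bot]"},
     "commit": {"author": {"name": "alice"}}},          # workflow run by alice
    {"committer": {"login": "alice"},
     "commit": {"author": {"name": "alice"}}},          # follow-up pushed by alice
]
SAMPLE_REVIEWS = [
    {"user": {"login": "alice"}, "state": "APPROVED"},  # passes the built-in rule
    {"user": {"login": "bob"}, "state": "APPROVED"},
]

if __name__ == "__main__":
    result = check_approvals(SAMPLE_COMMITS, SAMPLE_REVIEWS)
    print(result)
    raise SystemExit(0 if result["ok"] else 1)
```

In a real job the two lists would come from `gh api repos/OWNER/REPO/pulls/N/commits` and `.../reviews` using the same github.token, and the job would be listed as a required status check in the branch protection rule.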
