Skip to content

Release prep: SEC-01 loopback, SECURITY.md, mcp-resources, npm release CI#1

Merged
ElbertePlinio merged 7 commits into
mainfrom
chore/release-rollout
Jun 29, 2026
Merged

Release prep: SEC-01 loopback, SECURITY.md, mcp-resources, npm release CI#1
ElbertePlinio merged 7 commits into
mainfrom
chore/release-rollout

Conversation

@ElbertePlinio

Copy link
Copy Markdown
Member

Release-rollout prep branch. See commits for the full set. No outward release actions (visibility/tags/publish) are part of this PR.

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: f7f83f4038

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread .github/workflows/release.yml Outdated
if: startsWith(github.ref, 'refs/tags/v')
env:
GH_TOKEN: ${{ github.token }}
run: gh release create "${{ github.ref_name }}" --generate-notes

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Avoid shell-expanding the release tag name

For a pushed tag whose name contains command substitution (for example Git accepts refs/tags/v1.2.3$(id), which matches the v*.*.* trigger), Actions substitutes github.ref_name into this script before Bash parses it; inside double quotes, $(...) and backticks still execute. In that scenario this step can run tag-controlled commands with the contents: write GH_TOKEN, so pass the ref name through an environment variable and reference that variable in the shell instead.

Useful? React with 👍 / 👎.

Comment thread packages/core/src/redact.ts Outdated

const ASSIGNMENT_RE =
/(\b[A-Za-z0-9_.-]*(?:token|secret|password|passwd|api[_-]?key|authorization|bearer|credential)[A-Za-z0-9_.-]*\s*[=:]\s*)("[^"\r\n]*"|'[^'\r\n]*'|[^\r\n]+)/gi;
/(\b[A-Za-z0-9_.-]*(?:token|secret|password|passwd|api[_-]?key|authorization|bearer|credential)[A-Za-z0-9_.-]*\s*[=:]\s*)("[^"\r\n]*"|'[^'\r\n]*'|[^\r\n"'<>]+)/gi;

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Redact values that contain angle brackets

By excluding </> from unquoted assignment values, log/UI text such as token=<session-secret> no longer matches this redactor at all, and authorization=Bearer <session-secret> redacts only Bearer while leaving <session-secret> intact. These strings still use secret-looking keys and can flow through the redacted logcat/UI-tree paths, so this regression can leak non-literal-format secrets.

Useful? React with 👍 / 👎.

Comment thread packages/cli/src/commands/android.ts Outdated
Comment on lines +257 to +258
if (message.startsWith("No running android session")) {
return undefined;

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Fail closed when sessions exist outside this project

When picklab android adb is run without --session/--serial from a project that has no Android session, but the same PICKLAB_HOME has running Android sessions for other projects, resolveSessionRecord filters those sessions out by projectDir and produces No running android session for this project. This startsWith check treats that as globally sessionless and runs raw untargeted adb, so the command can act on whichever device adb selects instead of failing closed while Android sessions still exist.

Useful? React with 👍 / 👎.


- name: Publish @pickforge/picklab
working-directory: packages/cli
run: npm publish --access public

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Guard npm publish to tag releases

Because this workflow also supports workflow_dispatch, manually running it from main or another non-tag ref still reaches npm publish, while the GitHub release step is skipped by its tag-only if. That can publish the current packages/cli version to npm without a corresponding tag/release (or fail after attempting to publish an already-released version), so the publish step should be gated to the same tag condition or the dispatch path should require an explicit release ref.

Useful? React with 👍 / 👎.

Pass github.ref_name through a RELEASE_TAG env var instead of interpolating it directly into the gh release shell command, preventing command substitution from a malicious pushed tag. Gate the npm publish step on a version tag so workflow_dispatch runs from non-tag refs cannot publish.
…cross-project adb

Redact assignment values that are wrapped in or contain angle brackets
(token=<secret>, authorization=Bearer <secret>), which previously broke
the unquoted-value match and leaked the secret.

Make 'android adb' without --session/--serial fail closed when the
current project has no android session but other projects under the same
PICKLAB_HOME do, instead of falling open to an untargeted adb call.
@ElbertePlinio ElbertePlinio merged commit 4a571fb into main Jun 29, 2026
1 check failed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant