Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
|
|
Greptile SummaryThis PR hardens the repository's GitHub Actions CI/CD workflows against injection attacks and over-privileged credentials, following recommendations from the zizmor static analysis tool. The core changes are: moving inline Confidence Score: 2/5Not safe to merge as-is: The security hardening intent is sound and most changes are correct. However, the
|
| Filename | Overview |
|---|---|
| .github/workflows/create_daily_staging_branch.yml | Adds persist-credentials: false and permissions: contents: write, but breaks git push because no authentication mechanism is configured for git after credentials are dropped. |
| .github/workflows/auto_update_price_and_context_window.yml | Adds top-level permissions block and persist-credentials: false; git operations use GH_TOKEN via the gh CLI which can work independently of the checkout credential helper. |
| .github/actions/helm-oci-chart-releaser/action.yml | Moves all inline ${{ inputs.* }} expressions to env vars and uses quoted shell references — correct injection-hardening with no functional regressions. |
| .github/workflows/llm-translation-testing.yml | Switches actions/cache → actions/cache/restore, which silently drops cache-save behaviour; inline expressions moved to env vars correctly. |
| .github/workflows/run_observatory_tests.yml | Replaces ${{ env.TUNNEL_URL }} / ${{ env.CLOUDFLARED_PID }} with bare shell vars; these are set via $GITHUB_ENV so are available as real shell env vars in later steps — safe change. |
| .github/dependabot.yaml | Adds cooldown periods (7 days default, 14 days for major bumps) to reduce dependabot noise — straightforward and safe. |
| .github/workflows/stale.yml | Adds explicit issues: write and pull-requests: write permissions, matching what the stale action already needs — safe improvement. |
Flowchart
%%{init: {'theme': 'neutral'}}%%
flowchart TD
A[Workflow trigger] --> B[actions/checkout\npersist-credentials: false]
B --> C{Job needs\ngit push?}
C -- No --> D[✅ Read-only jobs\ntest-linting, test-litellm,\ncodspeed, codeql, etc.]
C -- Yes --> E{Explicit auth\nconfigured?}
E -- Yes --> F[✅ auto_update_price\nuses GH_TOKEN via gh CLI]
E -- No --> G[❌ create_daily_staging_branch\ngit push fails — no credential helper]
G --> H[403 Authentication Error\nat runtime]
Comments Outside Diff (1)
-
.github/workflows/create_daily_staging_branch.yml, line 45 (link)git pushwill fail afterpersist-credentials: falseSetting
persist-credentials: falseonactions/checkoutremoves the credential helper that the action normally injects into the git config. As a result,git push origin $BRANCH_NAMEhas no way to authenticate with GitHub and will fail with a 403/authentication error at runtime.The
GITHUB_TOKENenvironment variable is present, but git does not read that variable automatically — it relies on the credential helper configured byactions/checkout, which is now disabled.To fix both the
create-staging-branchjob (line 45) and thecreate-internal-dev-branchjob (line 85), you need to either:- Re-configure the git remote URL to embed the token before the push (e.g. using
gh auth setup-git), or - Drop
persist-credentials: falsefrom these two jobs, since they intentionally need write access to push branches.
The
persist-credentials: falseapproach is correct for read-only checkout jobs, but it breaks jobs that must push back to the repository. - Re-configure the git remote URL to embed the token before the push (e.g. using
Reviews (1): Last reviewed commit: "fix: address zizmor comments" | Re-trigger Greptile
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
|
|
||
| - name: Cache Poetry dependencies | ||
| uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.0.0 | ||
| - name: Restore Poetry dependencies cache |
There was a problem hiding this comment.
Renaming from actions/cache to actions/cache/restore is a meaningful semantic change: cache/restore only restores a previously-saved cache entry but never writes an updated entry back at the end of the job. Using actions/cache would both restore and save.
The practical effect is that the Poetry virtual-environment cache will gradually become stale and will never be refreshed (e.g., when pyproject.lock changes). This defeats the purpose of the cache step over time and can lead to test failures when new dependencies are added.
If the goal was purely to satisfy a zizmor warning, consider using actions/cache with an explicit save-always: false option, or add a separate actions/cache/save step after tests complete, so the cache is still kept up-to-date.
2 participants
Relevant issues
Addresses #24512 (comment)
Pre-Submission checklist
Please complete all items before asking a LiteLLM maintainer to review your PR
tests/test_litellm/directory, Adding at least 1 test is a hard requirement - see detailsmake test-unit@greptileaiand received a Confidence Score of at least 4/5 before requesting a maintainer reviewDelays in PR merge?
If you're seeing a delay in your PR being merged, ping the LiteLLM Team on Slack (#pr-review).
CI (LiteLLM team)
Branch creation CI run
Link:
CI run for the last commit
Link:
Merge / cherry-pick CI run
Links:
Type
🆕 New Feature
🐛 Bug Fix
🧹 Refactoring
📖 Documentation
🚄 Infrastructure
✅ Test
Changes