[CI] Harden release workflow permissions and inputs#4072
Conversation
Apply least-privilege permissions per job instead of broad top-level write access. Pin OpenCode install to a specific version. Move workflow inputs to env blocks to prevent script injection. Addresses security review from paulinebm in #4046. Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>
|
The docs for this PR live here. All of your documentation changes will be reflected on that endpoint. The docs are available until 30 days after the last update. |
Use repository variables OPENCODE_VERSION and OPENCODE_SHA256 to pin the version and verify the binary integrity via sha256sum. Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 1cadd10. Configure here.
| run: curl -fsSL https://opencode.ai/install | bash | ||
| run: | | ||
| curl -fsSL https://opencode.ai/install | bash -s -- --version ${{ vars.OPENCODE_VERSION }} | ||
| echo "${{ vars.OPENCODE_SHA256 }} $(which opencode)" | sha256sum -c - |
There was a problem hiding this comment.
Repository variables interpolated directly in shell, bypassing env indirection
Medium Severity
${{ vars.OPENCODE_VERSION }} and ${{ vars.OPENCODE_SHA256 }} are directly interpolated into run: shell scripts — the same script-injection anti-pattern this PR fixes for inputs.* by moving them to env: blocks. Notably, vars.OPENCODE_VERSION is used unquoted, so a value containing shell metacharacters (e.g. ; malicious-cmd) would execute arbitrary commands. These expressions need the same env:-block indirection applied to the workflow inputs for defense-in-depth consistency.
Additional Locations (1)
Reviewed by Cursor Bugbot for commit 1cadd10. Configure here.
Wauplin
changed the title
2 participants
Summary
permissions: { contents: write, pull-requests: write }withpermissions: {}and add least-privilege per-job permissionsVERSION_OVERRIDEandRELEASE_TYPEworkflow inputs toenv:blocks to prevent script injectionvars.OPENCODE_VERSIONand verify binary integrity via SHA256 checksum (vars.OPENCODE_SHA256)Addresses security review from @paulinebm in #4046.
🤖 Generated with Claude Code
Note
Medium Risk
Changes the release GitHub Actions workflow (permissions, input handling, and third-party install verification), which can affect publishing if misconfigured but is limited to CI configuration.
Overview
Tightens the
release.ymlGitHub Actions workflow by removing broad top-level token permissions and granting least-privilegepermissionsper job (e.g., write only where tags/releases are created, read elsewhere).Hardens shell execution by passing
release_type/version_overridevia stepenv:instead of inline interpolation, and pins + verifies the OpenCode installer by specifyingvars.OPENCODE_VERSIONand validating the installed binary withvars.OPENCODE_SHA256.Reviewed by Cursor Bugbot for commit 1cadd10. Bugbot is set up for automated code reviews on this repo. Configure here.