feat(backend): add security features to github backend #7387
Pull request overview
This PR adds security verification features to the GitHub backend, enabling verification of downloaded artifacts through GitHub Attestations and SLSA provenance. The implementation checks attestations first, falling back to SLSA provenance when attestations are unavailable, with verification failures treated as hard errors rather than warnings.
Key Changes:
- Added security verification flow that checks GitHub Attestations first, then SLSA provenance as fallback
- Introduced two new settings (github.github_attestations and github.slsa) both enabled by default
- Updated SecurityFeature::Slsa enum variant to include optional level field
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| src/cli/tool.rs | Updated display logic for SLSA security feature to show level when available |
| src/backend/mod.rs | Modified SecurityFeature::Slsa enum to include optional level field |
| src/backend/github.rs | Added security verification methods and security_info implementation for GitHub backend |
| src/backend/aqua.rs | Updated SLSA feature instantiation to use new struct syntax with level: None |
| settings.toml | Added configuration options for GitHub attestations and SLSA verification |
| schema/mise.json | Added JSON schema definitions for new GitHub security settings |
| self.verify_attestations_or_slsa(ctx, tv, &file_path) | ||
| .await?; | ||
|
|
||
| install_artifact(tv, &file_path, opts, Some(ctx.pr.as_ref()))?; |
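Review bot: on the `.await?` after verify_attestations_or_slsa, a verification error returns before install_artifact runs, but the file at file_path is left where it is. Consider removing it in the error path, or documenting that it is kept, so that nothing later picks up an artifact that failed verification.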
The verification order has been changed so that verify_attestations_or_slsa is now called before install_artifact. However, the original call to verify_artifact on line 392 is still present before the checksum verification. Consider documenting why verify_artifact is called separately before the attestation/SLSA verification, or if the verification order is intentional for security reasons.
| optional = true | ||
| type = "Path" | ||
|
|
||
| [github.github_attestations] |
The setting name github.github_attestations is redundant with 'github' appearing twice. Consider renaming to github.attestations for better clarity and consistency.
| [github.github_attestations] | |
| [github.attestations] |
| "type": "object", | ||
| "additionalProperties": false, | ||
| "properties": { | ||
| "github_attestations": { |
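Review bot: with "additionalProperties": false on this object, the key "github_attestations" becomes part of the validated contract, so renaming it after release would make configs that use the old key fail schema validation. Settle the name before this ships, or keep the old key as an accepted alias if it changes later.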
The JSON schema property name should match the suggested rename of the setting to attestations for consistency with the parent github object.
| "github_attestations": { | |
| "attestations": { |
d81d713 to 50c0625
10256e6 to c239f88
- Add GitHub Artifact Attestations verification
- Add SLSA provenance verification
- Add checksum verification reporting (sha256)
- Verify attestations first, fall back to SLSA if not found
- Verification failures are hard errors
- Add settings github.github_attestations and github.slsa
- Update SecurityFeature::Slsa to include level field

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <[email protected]>
c239f88 to 6971186
Update aqua's security_info() to fetch actual release assets from GitHub and detect security features based on asset filenames, in addition to checking registry metadata.

This provides more accurate detection of:
- Checksums (sha256, checksum files)
- GitHub Attestations (.sigstore.json, .sigstore)
- SLSA provenance (.intoto.jsonl, provenance, .attestation)
- Cosign signatures (.sig, cosign)
- Minisign signatures (.minisig)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <[email protected]>
- Fix verify_minisign to check aqua.minisign setting instead of slsa
- Fix security_info() in github.rs to report features based on asset existence, not user settings (security_info shows what tools SUPPORT, not what user has enabled)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <[email protected]>
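The filename-based detection described in the two commit messages above, as an added example that is not mise's code: the patterns come from the commit message, while the `Feature`, `classify` and `detect` names, the suffix-versus-substring choice and the sample asset names are assumptions of this sketch.

```rust
use std::collections::BTreeSet;

// Added example: names and matching rules are hypothetical, not mise's code.
#[derive(Debug, PartialEq, Eq, PartialOrd, Ord, Clone, Copy)]
enum Feature { Checksum, GithubAttestations, Slsa, Cosign, Minisign }

/// Classify one release asset by filename.
fn classify(asset: &str) -> Option<Feature> {
    let n = asset.to_ascii_lowercase();
    // Most specific suffix first: a substring test for ".sig" would also match
    // ".sigstore.json" and report a Cosign signature that is not there.
    if n.ends_with(".sigstore.json") || n.ends_with(".sigstore") {
        Some(Feature::GithubAttestations)
    } else if n.ends_with(".intoto.jsonl") || n.ends_with(".attestation") || n.contains("provenance") {
        Some(Feature::Slsa)
    } else if n.ends_with(".minisig") {
        Some(Feature::Minisign)
    } else if n.ends_with(".sig") || n.contains("cosign") {
        Some(Feature::Cosign)
    } else if n.contains("sha256") || n.contains("checksum") {
        Some(Feature::Checksum)
    } else {
        None // the binary itself, release notes, and so on
    }
}

/// Features a release supports, judged only from which assets exist.
fn detect(assets: &[&str]) -> BTreeSet<Feature> {
    assets.iter().filter_map(|a| classify(a)).collect()
}

fn main() {
    // Constructed asset list for illustration.
    let assets = ["tool-1.0-linux-amd64.tar.gz", "checksums.txt", "checksums.txt.sig",
                  "tool-1.0-linux-amd64.tar.gz.sigstore.json", "multiple.intoto.jsonl"];
    println!("{:?}", detect(&assets));
}
```

Detection of this kind only says that a release publishes such files; it is independent of whether verification is enabled or succeeds.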
Hyperfine Performance
| Command | Mean [ms] | Min [ms] | Max [ms] | Relative |
|---|---|---|---|---|
| mise-2025.12.11 x -- echo | 20.3 ± 0.8 | 19.2 | 24.6 | 1.00 |
| mise x -- echo | 21.0 ± 0.9 | 19.5 | 23.6 | 1.04 ± 0.06 |

mise env
| Command | Mean [ms] | Min [ms] | Max [ms] | Relative |
|---|---|---|---|---|
| mise-2025.12.11 env | 19.8 ± 0.8 | 18.7 | 26.5 | 1.00 |
| mise env | 20.3 ± 0.9 | 18.7 | 23.3 | 1.02 ± 0.06 |

mise hook-env
| Command | Mean [ms] | Min [ms] | Max [ms] | Relative |
|---|---|---|---|---|
| mise-2025.12.11 hook-env | 20.5 ± 1.0 | 19.0 | 33.0 | 1.00 |
| mise hook-env | 21.0 ± 0.9 | 19.4 | 23.2 | 1.03 ± 0.07 |

mise ls
| Command | Mean [ms] | Min [ms] | Max [ms] | Relative |
|---|---|---|---|---|
| mise-2025.12.11 ls | 18.6 ± 0.7 | 16.9 | 21.0 | 1.00 |
| mise ls | 18.7 ± 0.9 | 17.2 | 21.1 | 1.01 ± 0.06 |

xtasks/test/perf
| Command | mise-2025.12.11 | mise | Variance |
|---|---|---|---|
| install (cached) | 112ms | 111ms | +0% |
| ls (cached) | 68ms | 70ms | -2% |
| bin-paths (cached) | 73ms | 73ms | +0% |
| task-ls (cached) | 285ms | 282ms | +1% |
* upstream/renovate/lockfile-maintenance:
  chore(deps): lock file maintenance
  fix(ci): improve GHA cache efficiency and fix registry-ci bug (jdx#7404)
  feat(tera): add haiku() function for random name generation (jdx#7399)
  feat: implement independent versioning for subcrates (jdx#7402)
  docs: add comprehensive glossary (jdx#7401)
  docs: improve installation documentation (jdx#7403)
  test: add token pool integration for rate limit distribution (jdx#7397)
  docs: add link to COPR package page for Fedora/RHEL
  test: rename duplicate 'ci' job names for clarity (jdx#7398)
  registry: add github backend for swiftformat (jdx#7396)
  chore: rename mise-tools to mise-versions
  chore: release 2025.12.12 (jdx#7386)
  fix(github): use version_prefix when fetching release for SLSA verification (jdx#7391)
  refactor(vfox): remove submodules, embed plugins directly (jdx#7389)
  test(registry): add final ci job as merge gate (jdx#7390)
  test: split unit job to speed up macOS CI (jdx#7388)
  feat(backend): add security features to github backend (jdx#7387)
Summary
- github_attestations and slsa that apply to all backends
- github.github_attestations and github.slsa
- SecurityFeature::Slsa to include optional level field

Security Flow
- github_attestations AND github.github_attestations enabled, try to verify GitHub attestations
- slsa AND github.slsa enabled, try to verify SLSA provenance

Settings
Global settings (apply to all backends):
- MISE_GITHUB_ATTESTATIONS - Enable/disable GitHub Attestations verification globally (default: true)
- MISE_SLSA - Enable/disable SLSA provenance verification globally (default: true)

GitHub backend-specific settings:
- MISE_GITHUB_GITHUB_ATTESTATIONS - Enable/disable for github backend (default: true)
- MISE_GITHUB_SLSA - Enable/disable for github backend (default: true)

Both global AND backend-specific settings must be enabled for verification to occur.

Test plan
- mise tool <github-backend-tool> shows security features from latest release
- MISE_SLSA=false disables SLSA verification globally

🤖 Generated with Claude Code
Note
Implements attestations-first (SLSA fallback) verification for GitHub installs, exposes security info, adds global and backend-specific settings, and extends SecurityFeature::Slsa with an optional level.
- src/backend/github.rs (verify before install; hard-fail on verification errors).
- security_info() to detect checksum, github_attestations, and slsa from latest release assets.
- try_verify_github_attestations and try_verify_slsa; internal VerificationStatus enum.
- verify_slsa and verify_github_attestations by new global and aqua-specific settings; fix minisign guard to aqua.minisign.
- SecurityFeature::Slsa to Slsa { level: Option<u8> } and render level in src/cli/tool.rs.
- settings.slsa and settings.github group (github_attestations, slsa) with env vars.
- settings.toml docs for new settings and descriptions.

Written by Cursor Bugbot for commit 580dfd1.
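
The verification flow in the PR description above (attestations first, SLSA as fallback, hard failure on verification errors, and both the global and the backend-specific switch required), sketched as an added example that is not mise's code. The `Status`, `Outcome`, `Settings` and `verify` names are hypothetical, and treating "nothing found" as an unverified install is an assumption of this sketch.

```rust
// Added example, not mise's code: all type and function names are hypothetical.
#[derive(Debug, PartialEq, Clone, Copy)]
enum Status { Verified, NotFound, Failed } // result of one verification attempt

#[derive(Debug, PartialEq)]
enum Outcome { Attestation, Slsa, Unverified }

#[derive(Clone, Copy)]
struct Settings {
    github_attestations: bool,        // global:  MISE_GITHUB_ATTESTATIONS
    slsa: bool,                       // global:  MISE_SLSA
    github_github_attestations: bool, // backend: MISE_GITHUB_GITHUB_ATTESTATIONS
    github_slsa: bool,                // backend: MISE_GITHUB_SLSA
}

/// Attestations first, SLSA as fallback. A mechanism is attempted only when both
/// its global and its backend-specific setting are on. `Failed` is a hard error;
/// `NotFound` falls through to the next mechanism.
fn verify(
    s: Settings,
    attest: impl FnOnce() -> Status,
    slsa: impl FnOnce() -> Status,
) -> Result<Outcome, String> {
    if s.github_attestations && s.github_github_attestations {
        match attest() {
            Status::Verified => return Ok(Outcome::Attestation),
            Status::Failed => return Err("attestation verification failed".into()),
            Status::NotFound => {}
        }
    }
    if s.slsa && s.github_slsa {
        match slsa() {
            Status::Verified => return Ok(Outcome::Slsa),
            Status::Failed => return Err("SLSA provenance verification failed".into()),
            Status::NotFound => {}
        }
    }
    Ok(Outcome::Unverified) // assumption: nothing to verify is not an error
}

fn main() {
    let on = Settings { github_attestations: true, slsa: true,
                        github_github_attestations: true, github_slsa: true };
    println!("{:?}", verify(on, || Status::NotFound, || Status::Verified));
    // Turning off either switch of a pair skips that check, including its hard failure.
    let off = Settings { slsa: false, ..on };
    println!("{:?}", verify(off, || Status::NotFound, || Status::Failed));
}
```

Because a disabled switch skips the check entirely, an environment that sets MISE_SLSA=false also removes the hard failure for bad provenance, which is worth auditing in CI configuration.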