
fix(ci): validate CLI release tag input #1819

Open
chaliy wants to merge 1 commit into main from 2026-06-02-fix-tag-input-command-injection-vulnerability

fix(ci): validate CLI release tag input#1819
chaliy wants to merge 1 commit into
mainfrom
2026-06-02-fix-tag-input-command-injection-vulnerability

Conversation

Contributor

@chaliy chaliy commented Jun 2, 2026

Motivation

  • The workflow_dispatch tag input in .github/workflows/cli-binaries.yml was interpolated directly into shell run: blocks and used as the actions/checkout ref, allowing command injection and secret exposure when run with write-scoped tokens.
  • The change enforces a strict release-tag format and avoids embedding untrusted input into shell source to remove the injection attack surface.
  • The workflow permissions were tightened to follow least privilege so write access is only granted where needed.

Description

  • Add a validate-tag job that validates inputs.tag against the regex ^v[0-9]+\.[0-9]+\.[0-9]+$ and publishes the validated value as a job output for downstream jobs to consume.
  • Lower the workflow-level permissions to contents: read, and keep contents: write only on the build job that uploads release artifacts.
  • Make build depend on validate-tag, change actions/checkout to use ref: ${{ needs.validate-tag.outputs.tag }} and set persist-credentials: false to avoid exposing checkout credentials to untrusted refs.
  • Replace all direct ${{ inputs.tag }} interpolations in run: blocks with an explicit RELEASE_TAG/TAG environment variable derived from the validated job output, and make update-homebrew depend on both validate-tag and build.

Testing

  • Parsed the modified workflow with Ruby YAML.load_file to ensure valid YAML, and the parser succeeded. (passed)
  • Ran actionlint via go run github.com/rhysd/actionlint/cmd/actionlint@latest .github/workflows/cli-binaries.yml to validate Actions semantics. (passed)
  • Executed automated workflow security assertions in a Python smoke script to confirm all occurrences of direct ${{ inputs.tag }} usages were removed and outputs/env usage is present. (passed)
  • Performed a Bash regex smoke test that demonstrates the new validator rejects a command-substitution payload (e.g., v1.2.3$(...)). (passed)

Codex Task
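The validate-tag step and the env-var pattern described in the Description bullets, together with the Bash regex smoke test from the Testing bullets, as one added stand-alone example. This is not the project's workflow, the PR's diff, or the author's script; the function names (validate_tag, publish_tag, build_inlined, build_from_env), the $GITHUB_OUTPUT fallback to stdout and the PAYLOAD value are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example, not the project's workflow or the PR's diff. Shows the
# release-tag validator, how the validated value would be published as a job
# output, and why inlining a workflow expression into a run: script is
# injectable while passing it through the environment is not.
# Function names, the $GITHUB_OUTPUT handling and PAYLOAD are assumptions.

# Release-tag format the PR enforces: ^v[0-9]+\.[0-9]+\.[0-9]+$
TAG_PATTERN='v[0-9]+\.[0-9]+\.[0-9]+'

# validate_tag TAG: prints TAG and returns 0 if it is a well-formed release
# tag; prints nothing and returns 1 otherwise.
validate_tag() {
  local tag="$1"
  # Reject the empty string and any character outside [v0-9.] up front.
  # This also covers embedded newlines and carriage returns, which a
  # line-oriented grep would otherwise let through by matching line one.
  case "$tag" in
    '' | *[!v0-9.]*) return 1 ;;
  esac
  # -x anchors to the whole line; no newline can be present here, so that
  # is the whole string.
  if printf '%s' "$tag" | grep -Exq "$TAG_PATTERN"; then
    printf '%s\n' "$tag"
    return 0
  fi
  return 1
}

# publish_tag TAG: what a validate-tag step does on success: append the
# validated value to $GITHUB_OUTPUT so downstream jobs read it as
# needs.validate-tag.outputs.tag. Outside Actions it falls back to stdout.
# The rejected raw value is deliberately not echoed into the ::error:: line,
# so untrusted input never reaches the workflow-command channel either.
publish_tag() {
  local tag
  if ! tag="$(validate_tag "$1")"; then
    echo "::error::release tag does not match the required format" >&2
    return 1
  fi
  printf 'tag=%s\n' "$tag" >> "${GITHUB_OUTPUT:-/dev/stdout}"
}

# build_inlined TAG: simulates a run: block in which ${{ inputs.tag }} was
# substituted into the script text before the shell parsed it. The tag
# becomes part of the program, so a command substitution inside it runs.
build_inlined() {
  local script="echo Building release $1"
  bash -c "$script"
}

# build_from_env TAG: the hardened form. The value enters as an environment
# variable and is expanded by the shell as data; it is never re-parsed.
build_from_env() {
  RELEASE_TAG="$1" bash -c 'echo "Building release $RELEASE_TAG"'
}

# Constructed payload for the demo: a tag carrying a command substitution,
# the same shape as the smoke test in the PR description.
PAYLOAD='v1.2.3$(echo INJECTED)'

echo "inlined : $(build_inlined "$PAYLOAD")"
echo "from env: $(build_from_env "$PAYLOAD")"
if validate_tag "$PAYLOAD" >/dev/null; then
  echo "validator accepted the payload (unexpected)"
else
  echo "validator rejected the payload"
fi
```

In a workflow the value would reach these functions the same way the PR describes: an `env:` mapping such as `TAG: ${{ needs.validate-tag.outputs.tag }}` on the step, and `"$TAG"` inside `run:`. The env mapping is evaluated by the Actions runner, not by the shell, so the expression never lands in script source.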


cloudflare-workers-and-pages Bot commented Jun 2, 2026

Deploying with Cloudflare Workers

The latest updates on your project.

Status                     Name     Latest Commit   Preview URL          Updated (UTC)
✅ Deployment successful!   bashkit  98ef06a         Commit Preview URL   Jun 02 2026, 09:23 AM

@chaliy chaliy force-pushed the 2026-06-02-fix-tag-input-command-injection-vulnerability branch from 42ccfba to 98ef06a on June 2, 2026 09:19