dagecko opened a new pull request, #38891:
URL: https://github.com/apache/superset/pull/38891

   ## Security: Harden GitHub Actions workflows
   
   Hey, we found some CI/CD security issues in this repo's workflows using [Runner Guard](https://github.com/Vigilant-LLC/runner-guard), our open-source CI/CD security scanner at [Vigilant](https://www.vigilantdefense.com). These are the same vulnerability classes being actively exploited right now in the tj-actions, Trivy, LiteLLM supply chain attack chain. We scanned the top 50K repos on GitHub and over 20,000 have this same problem. We're trying to get fixes out to as many maintainers as possible before more repos get hit.
   
   This PR fixes what we could automatically, and flags anything else that needs a manual look. There's a real person behind this PR, we're actively checking back on comments so if you have any questions just drop them here and we'll respond.
   
   ### Fixes applied (in this PR)
   
   | Rule | Severity | File | Description |
   |------|----------|------|-------------|
   | RGS-002 | high | `.github/workflows/bump-python-package.yml` | Extracted 4 unsafe expression(s) to env vars |
   | RGS-002 | high | `.github/workflows/embedded-sdk-release.yml` | Extracted 1 unsafe expression(s) to env vars |
   | RGS-007 | high | `.github/workflows/ephemeral-env-pr-close.yml` | Pinned 1 third-party action(s) to commit SHA |
   | RGS-002 | high | `.github/workflows/ephemeral-env-pr-close.yml` | Extracted 1 unsafe expression(s) to env vars |
   | RGS-002 | high | `.github/workflows/ephemeral-env.yml` | Extracted 3 unsafe expression(s) to env vars |
   | RGS-002 | high | `.github/workflows/generate-FOSSA-report.yml` | Extracted 1 unsafe expression(s) to env vars |
   | RGS-002 | high | `.github/workflows/release.yml` | Extracted 1 unsafe expression(s) to env vars |
   | RGS-002 | high | `.github/workflows/showtime-trigger.yml` | Extracted 3 unsafe expression(s) to env vars |
   | RGS-002 | high | `.github/workflows/superset-docs-deploy.yml` | Extracted 1 unsafe expression(s) to env vars |
   | RGS-002 | high | `.github/workflows/tag-release.yml` | Extracted 5 unsafe expression(s) to env vars |
   | RGS-002 | high | `.github/workflows/tech-debt.yml` | Extracted 1 unsafe expression(s) to env vars |
   
   
   ### Advisory: additional findings (manual review recommended)
   
   | Rule | Severity | File | Description |
   |------|----------|------|-------------|
   | RGS-016 | critical | `.github/workflows/check_db_migration_confict.yml` | Unicode Steganography in Workflow File |
   | RGS-004 | high | `.github/workflows/claude.yml` | Comment-Triggered Workflow Without Author Authorization Check |
   | RGS-004 | high | `.github/workflows/claude.yml` | Comment-Triggered Workflow Without Author Authorization Check |
   | RGS-003 | high | `.github/workflows/pre-commit.yml` | Filename Injection via Git Diff or File Listing |
   | RGS-004 | high | `.github/workflows/superset-docs-deploy.yml` | Comment-Triggered Workflow Without Author Authorization Check |
   | RGS-004 | high | `.github/workflows/superset-docs-deploy.yml` | Comment-Triggered Workflow Without Author Authorization Check |
   | RGS-004 | high | `.github/workflows/superset-docs-deploy.yml` | Comment-Triggered Workflow Without Author Authorization Check |
   | RGS-004 | high | `.github/workflows/superset-docs-deploy.yml` | Comment-Triggered Workflow Without Author Authorization Check |
   | RGS-004 | high | `.github/workflows/superset-docs-deploy.yml` | Comment-Triggered Workflow Without Author Authorization Check |
   | RGS-004 | high | `.github/workflows/superset-docs-deploy.yml` | Comment-Triggered Workflow Without Author Authorization Check |
   | RGS-012 | high | `.github/workflows/superset-docs-deploy.yml` | Secret Exfiltration via Outbound HTTP Request |
   | RGS-004 | high | `.github/workflows/superset-docs-deploy.yml` | Comment-Triggered Workflow Without Author Authorization Check |
   | RGS-004 | high | `.github/workflows/superset-docs-deploy.yml` | Comment-Triggered Workflow Without Author Authorization Check |
   | RGS-004 | high | `.github/workflows/superset-docs-deploy.yml` | Comment-Triggered Workflow Without Author Authorization Check |
   | RGS-004 | high | `.github/workflows/superset-docs-deploy.yml` | Comment-Triggered Workflow Without Author Authorization Check |
   | RGS-004 | high | `.github/workflows/superset-docs-deploy.yml` | Comment-Triggered Workflow Without Author Authorization Check |
   | RGS-004 | high | `.github/workflows/superset-docs-deploy.yml` | Comment-Triggered Workflow Without Author Authorization Check |
   | RGS-004 | high | `.github/workflows/superset-docs-deploy.yml` | Comment-Triggered Workflow Without Author Authorization Check |
   | RGS-004 | high | `.github/workflows/supersetbot.yml` | Comment-Triggered Workflow Without Author Authorization Check |
   | RGS-004 | high | `.github/workflows/supersetbot.yml` | Comment-Triggered Workflow Without Author Authorization Check |
   | RGS-004 | high | `.github/workflows/supersetbot.yml` | Comment-Triggered Workflow Without Author Authorization Check |
   | RGS-004 | high | `.github/workflows/supersetbot.yml` | Comment-Triggered Workflow Without Author Authorization Check |
   | RGS-005 | medium | `.github/workflows/claude.yml` | Excessive Permissions on Untrusted Trigger |
   | RGS-005 | medium | `.github/workflows/claude.yml` | Excessive Permissions on Untrusted Trigger |
   | RGS-005 | medium | `.github/workflows/ephemeral-env-pr-close.yml` | Excessive Permissions on Untrusted Trigger |
   | RGS-007 | medium | `.github/workflows/ephemeral-env-pr-close.yml` | Unpinned Third-Party Action Using Mutable Tag |
   | RGS-005 | medium | `.github/workflows/ephemeral-env.yml` | Excessive Permissions on Untrusted Trigger |
   | RGS-005 | medium | `.github/workflows/ephemeral-env.yml` | Excessive Permissions on Untrusted Trigger |
   | RGS-005 | medium | `.github/workflows/labeler.yml` | Excessive Permissions on Untrusted Trigger |
   | RGS-005 | medium | `.github/workflows/showtime-trigger.yml` | Excessive Permissions on Untrusted Trigger |
   | RGS-005 | medium | `.github/workflows/supersetbot.yml` | Excessive Permissions on Untrusted Trigger |
   | RGS-005 | medium | `.github/workflows/welcome-new-users.yml` | Excessive Permissions on Untrusted Trigger |
   
   
   ### Why this matters
   
   GitHub Actions workflows that use untrusted input in `run:` blocks, expose
   secrets inline, or use unpinned third-party actions are vulnerable to
   code injection, credential theft, and supply chain attacks. These are the same
   vulnerability classes exploited in the [tj-actions/changed-files incident](https://www.vigilantdefense.com/resources/runner-guard)
   and subsequent supply chain attacks, which compromised CI secrets across
   thousands of repositories.
   
   ### How to verify
   
   Review the diff — each change is mechanical and preserves workflow behavior:
   - **Expression extraction** (RGS-002/008/014): Moves `${{ }}` expressions from
     `run:` blocks into `env:` mappings, preventing shell injection
   - **SHA pinning** (RGS-007): Pins third-party actions to immutable commit SHAs
     (original version tag preserved as comment)
   
   
   Run `brew install Vigilant-LLC/tap/runner-guard && runner-guard scan .` or install from the
   [repo](https://github.com/Vigilant-LLC/runner-guard) to verify.
   
   ---
   
   Found by [Runner Guard](https://github.com/Vigilant-LLC/runner-guard) | Built by [Vigilant Cyber Security](https://www.vigilantdefense.com) | [Learn more](https://www.vigilantdefense.com/resources/runner-guard)
   
   If this PR is not welcome, just close it -- we won't send another.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
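
The two mechanical changes described under "How to verify" can be spot-checked with a small script. This is an added example, not part of the pull request and not Runner Guard's implementation: the function `scan`, the finding labels, and the sample workflow are constructed here, and the check is a line-based heuristic that flags every `${{ }}` expression inside a `run:` script and every non-local `uses:` reference that is not a 40-character commit SHA.

```python
import re

# Constructed sample workflow for illustration (not taken from apache/superset).
SAMPLE = '''\
on: pull_request_target
jobs:
  demo:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: example-org/example-action@0123456789abcdef0123456789abcdef01234567 # v1
      - name: before
        run: |
          echo "Title: ${{ github.event.pull_request.title }}"
      - name: after
        env:
          PR_TITLE: ${{ github.event.pull_request.title }}
        run: echo "Title: $PR_TITLE"
'''

EXPR = re.compile(r"\$\{\{.*?\}\}")
RUN = re.compile(r"^(\s*(?:-\s+)?)run:\s*(.*)$")
USES = re.compile(r"^\s*(?:-\s+)?uses:\s*([^\s#]+)")
FULL_SHA = re.compile(r"[0-9a-f]{40}")

def scan(text):
    """Return (line_no, kind, detail) for expressions in run: and unpinned uses:."""
    findings, run_col = [], None  # run_col: column of the run: key of an open block scalar
    for no, line in enumerate(text.splitlines(), 1):
        indent = len(line) - len(line.lstrip())
        if run_col is not None:
            if not line.strip() or indent > run_col:  # still inside the script body
                findings += [(no, "expr-in-run", e) for e in EXPR.findall(line)]
                continue
            run_col = None                            # dedent: block scalar ended
        run = RUN.match(line)
        if run:
            if run.group(2)[:1] in ("|", ">"):        # multi-line script follows
                run_col = len(run.group(1))
            else:                                     # single-line script
                findings += [(no, "expr-in-run", e) for e in EXPR.findall(run.group(2))]
            continue
        uses = USES.match(line)
        if uses and not uses.group(1).startswith(("./", "docker://")):
            ref = uses.group(1).rpartition("@")[2]
            if not FULL_SHA.fullmatch(ref):           # mutable tag or branch
                findings.append((no, "unpinned-action", uses.group(1)))
    return findings
```

On the sample, the "before" step and the tag-pinned checkout are reported, while the "after" step (expression moved to `env:`) and the SHA-pinned action are not.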
