[all-commits] [llvm/llvm-project] bc06cd: [workflows] Split pr-code-format into two parts to...
Tom Stellard via All-commits
all-commits at lists.llvm.org
Fri Feb 2 11:31:35 PST 2024
Branch: refs/heads/main
Home: https://github.com/llvm/llvm-project
Commit: bc06cd5cbcfc22dd976f6742d10bc934e1353b8a
https://github.com/llvm/llvm-project/commit/bc06cd5cbcfc22dd976f6742d10bc934e1353b8a
Author: Tom Stellard <tstellar at redhat.com>
Date: 2024-02-02 (Fri, 02 Feb 2024)
Changed paths:
A .github/workflows/issue-write.yml
M .github/workflows/pr-code-format.yml
M llvm/utils/git/code-format-helper.py
Log Message:
-----------
[workflows] Split pr-code-format into two parts to make it more secure (#78216)
Actions triggered by pull_request_target events have access to all
repository secrets, so it is unsafe to use them when executing untrusted
code. The pr-code-format workflow does not execute any untrusted code,
but it passes untrused input into clang-format. An attacker could use
this to exploit a flaw in clang-format and potentially gain access to
the repository secrets.
By splitting the workflow, we can use the pull_request target which is
more secure and isolate the issue write permissions in a separate job.
The pull_request target also makes it easier to test changes to the
code-format-helepr.py script, because the version of the script from the
pull request will be used rather than the version of the script from
main.
Fixes #77142
More information about the All-commits
mailing list