{
  "commit": "ad4b8b87bdf49de4f437dd4f0e31d0164e022b0b",
  "tree": "6014b533748be1152dff8001ec8a0d87f7c229c1",
  "parents": [
    "fb38a5df89172330a08cf5250df6fb41a68b7332"
  ],
  "author": {
    "name": "Dongyang Li",
    "email": "lidongyang@selectdb.com",
    "time": "Thu May 21 18:40:25 2026 +0800"
  },
  "committer": {
    "name": "GitHub",
    "email": "noreply@github.com",
    "time": "Thu May 21 18:40:25 2026 +0800"
  },
  "message": "[fix](ci) harden GitHub Actions workflows against injection and module shadowing (#63486)\n\n## Problem\n\nTwo security issues in GitHub Actions workflows:\n\n**1. Expression injection — `comment-to-trigger-teamcity.yml`**\n\n`COMMENT_REPEAT_TIMES` was extracted from the PR comment body via an\nunanchored regex (`grep -E` uses substring matching, so `([1-9]*[0-9]+)*` can match zero times). The raw value was then written\ndirectly to `$GITHUB_OUTPUT` without validation. Subsequent steps\ninterpolate it as `${{ steps.parse.outputs.COMMENT_REPEAT_TIMES }}`\ninside `run:` blocks, which GitHub Actions evaluates **before** the\nshell runs — equivalent to string-splicing untrusted input into a shell\nscript.\n\nAny user who can comment on an open PR could inject shell commands into\nthe runner.\n\n**2. Python module shadowing — `license-eyes.yml`**\n\nThe `pull_request_target` workflow checks out the fork's HEAD and runs\n`python3` with an inline heredoc. Python's `sys.path` includes `''` (the\ncurrent working directory) by default, so a fork-supplied `yaml.py` at\nthe repo root would be imported instead of the stdlib `yaml` module.\nCombined with `pull_request_target`'s elevated permissions, this allows\narbitrary code execution.\n\n## Fix\n\n- **`comment-to-trigger-teamcity.yml`**: validate `COMMENT_REPEAT_TIMES`\nis a non-negative integer (or empty) immediately after extraction,\nbefore writing to `$GITHUB_OUTPUT`. Non-numeric values are discarded.\n- **`license-eyes.yml`**: add `persist-credentials: false` to the fork\ncheckout; strip `''` and `'.'` from `sys.path` before `import yaml` to\nprevent local module shadowing.\n\n## Test\n\nWorkflow logic is unchanged for valid inputs. The validation only\naffects malformed `COMMENT_REPEAT_TIMES` values (non-numeric strings),\nwhich had no defined behavior before.\n\nCo-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "92336f430f5fe12b73f3fc7451e6a203f3f573c5",
      "old_mode": 33188,
      "old_path": ".github/workflows/comment-to-trigger-teamcity.yml",
      "new_id": "d706e171a653ebdb821b1ee57986da401254f32f",
      "new_mode": 33188,
      "new_path": ".github/workflows/comment-to-trigger-teamcity.yml"
    },
    {
      "type": "modify",
      "old_id": "2fbccb9c0d38e7e3eaafc8e79aeae891a63667dd",
      "old_mode": 33188,
      "old_path": ".github/workflows/license-eyes.yml",
      "new_id": "c0705d674813431d1d6f3a3a9da6a4e607a01642",
      "new_mode": 33188,
      "new_path": ".github/workflows/license-eyes.yml"
    }
  ]
}
