Add cross-repository allowlist validation (SEC-005)#15808
Conversation
- Add validateRepo checks to assign_to_agent.cjs - Add validateRepo checks to create_agent_session.cjs - Add validateRepo checks to get_repository_url.cjs - Add validateRepo checks to push_repo_memory.cjs - Add documentation comments for checkout_pr_branch.cjs (false positive) - Add documentation comments for pr_review_buffer.cjs (validation handled by callers) - Add documentation comments for temporary_id.cjs (utility library) All handlers now implement E004 error code for validation failures. SEC-005 conformance check now passes. Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
- Add test cases for assign_to_agent.cjs allowlist validation - Add test cases for create_agent_session.cjs allowlist validation - Tests cover: rejection of non-allowlisted repos, acceptance of allowlisted repos, and default repo handling Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
- Add mockContext to create_agent_session tests - Add getExecOutput mock to mockExec - Fix assign_to_agent test to include allowlist for cross-repo test - Clean up test environment variables in afterEach All tests now passing for both handlers. Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
get_repository_url.cjs is a URL helper that doesn't perform actual cross-repository operations. It only generates URLs for display purposes. Handlers that use it and perform actual operations are responsible for their own validation. Added documentation comment explaining this. Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
This PR implements cross-repository allowlist validation (SEC-005) for seven handlers as required by the Safe Outputs specification. The changes address a conformance check failure by adding validation to handlers that perform cross-repository API operations and documenting helpers that don't require validation.
Changes:
- Added allowlist validation to three handlers performing cross-repo API operations:
assign_to_agent.cjs,create_agent_session.cjs, andpush_repo_memory.cjs - Added documentation to four non-API helpers explaining why they don't need validation:
temporary_id.cjs,get_repository_url.cjs,checkout_pr_branch.cjs, andpr_review_buffer.cjs - Added comprehensive test coverage for validation in
assign_to_agent.test.cjsandcreate_agent_session.test.cjs
Reviewed changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
actions/setup/js/assign_to_agent.cjs |
Added validation of GH_AW_TARGET_REPO against GH_AW_AGENT_ALLOWED_REPOS using centralized validateRepo() function |
actions/setup/js/assign_to_agent.test.cjs |
Added test suite for cross-repository allowlist validation covering rejection, acceptance, and default repository cases; fixed existing test to include target repo in allowlist |
actions/setup/js/create_agent_session.cjs |
Added validation of GITHUB_AW_TARGET_REPO against GH_AW_AGENT_SESSION_ALLOWED_REPOS before processing agent sessions |
actions/setup/js/create_agent_session.test.cjs |
Added test suite for cross-repository allowlist validation with proper setup/teardown of environment variables |
actions/setup/js/push_repo_memory.cjs |
Added validation of TARGET_REPO against REPO_MEMORY_ALLOWED_REPOS before git operations |
actions/setup/js/checkout_pr_branch.cjs |
Added documentation explaining it operates within PR context and doesn't support cross-repo operations |
actions/setup/js/get_repository_url.cjs |
Added documentation explaining it's a URL helper that doesn't perform cross-repo operations |
actions/setup/js/pr_review_buffer.cjs |
Added documentation explaining it receives pre-validated data from other handlers |
actions/setup/js/temporary_id.cjs |
Added documentation explaining it's a utility library and handlers using it are responsible for validation |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
@copilot add tests |
github-actions
bot
added
enhancement
|
@copilot keep working |
- Add 3 test cases similar to assign_to_agent and create_agent_session tests - Test rejection of non-allowlisted repositories with E004 error - Test acceptance of allowlisted repositories - Test default repository being allowed without explicit allowlist - All tests passing Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
|
🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨ |
|
🧪 Smoke Project is now testing project operations... |
|
✅ Changeset Generator completed successfully! |
|
✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟 |
|
❌ Smoke Copilot SDK failed. Please review the logs for details. |
|
🧪 Smoke Temporary ID is now testing temporary ID functionality... |
|
📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing... |
|
✅ Smoke Temporary ID completed successfully. Temporary ID validation passed. |
Agent Container Tool Check
Result: 12/12 tools available ✅ All required development tools are present and functioning in the agent container environment.
|
|
✅ Smoke Project completed successfully. All project operations validated. |
|
🤖 Beep boop! The smoke test agent just dropped by to say hello! 👋✨ Running some automated testing magic in the background. Don't mind me, just making sure everything's working smoothly! 🚀 This message brought to you by the friendly neighborhood Copilot smoke test suite 🎭
|
|
Smoke Test Results for Run 22030010496 ✅ GitHub MCP (#15807, #15806) Overall Status: PASS (10/11 tests)
|
|
📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤 |
|
Smoke test results:
|
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
There was a problem hiding this comment.
💥 Automated smoke test review - all systems nominal!
The cross-repository allowlist validation implementation looks solid. Consistent error codes and centralized validation logic are excellent security practices.
💥 [THE END] — Illustrated by Smoke Claude for issue #15808
Implement Cross-Repository Allowlist Validation (SEC-005) ✅
Issue Resolution
Successfully resolved SEC-005 conformance check failure by implementing cross-repository allowlist validation in all affected handlers.
Changes Complete
✅ Handlers with Validation Added:
assign_to_agent.cjs
GH_AW_TARGET_REPOagainstGH_AW_AGENT_ALLOWED_REPOScreate_agent_session.cjs
GITHUB_AW_TARGET_REPOagainstGH_AW_AGENT_SESSION_ALLOWED_REPOSpush_repo_memory.cjs
TARGET_REPOagainstREPO_MEMORY_ALLOWED_REPOS✅ Documentation Added (No Validation Needed):
Implementation Details
All validation uses the centralized
validateRepo()function fromrepo_helpers.cjswhich:Test Coverage ✅
Verification ✅
Security Impact
This fix eliminates the HIGH severity security vulnerability where agents could potentially perform operations on unauthorized repositories. All cross-repository operations now properly validate target repositories against configured allowlists, preventing:
Original prompt
💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.
Changeset
✨ PR Review Safe Output Test - Run 22030010500
✨ PR Review Safe Output Test - Run 22037471598