Skip to content

Harden git ref handling against argument injection#131

Merged
jsilvanus merged 1 commit into
mainfrom
copilot/review-issues-and-execute-phases
Jul 5, 2026
Merged

Harden git ref handling against argument injection#131
jsilvanus merged 1 commit into
mainfrom
copilot/review-issues-and-execute-phases

Conversation

Copilot AI commented Jul 4, 2026

Copy link
Copy Markdown
Contributor

A network-reachable git argument-injection path remained in ref-based workflows: user-controlled refs were passed directly to git, so values beginning with - could be parsed as flags rather than revisions.

  • Security hardening

    • Added a shared git-ref validation helper that rejects unsafe refs before invoking git.
    • Applied the guard to the ref-resolution paths used by semantic bisect, temporal time filtering, branch-diff resolution, and narrator-side git lookups.
  • Regression coverage

    • Added focused tests covering unsafe refs and asserting they are rejected before git is invoked.
if (!isSafeGitRange(ref)) {
  throw new Error('Unsafe git ref')
}

@jsilvanus

Copy link
Copy Markdown
Owner

@copilot is the review fixes done all?

Copilot AI requested a review from jsilvanus July 4, 2026 22:15
@jsilvanus jsilvanus marked this pull request as ready for review July 5, 2026 06:20
@chatgpt-codex-connector

Copy link
Copy Markdown

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.

@jsilvanus jsilvanus merged commit fc2b456 into main Jul 5, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants