fix: lock-file integrity check now covers compiled YAML body #24157

Closed
Copilot wants to merge 2 commits into main from copilot/fix-lock-file-integrity-check

Conversation

Contributor

Copilot AI commented Apr 2, 2026

The runtime integrity check validated only the .md frontmatter hash, leaving the compiled YAML body unprotected. An actor with repo write access could modify permissions:, --allow-domains, GITHUB_READ_ONLY, or --allowed-tools in a .lock.yml while leaving the # gh-aw-metadata: comment untouched — the check would pass and the agent would run with tampered config.

Approach

Two-pass compilation (Go): After generating the full YAML, compute SHA-256 of all non-comment lines and inject it as compiled_hash into the existing gh-aw-metadata JSON comment. Because the metadata line is itself a comment, it's excluded from the hash — no chicken-and-egg problem.

```yaml
# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"...","compiled_hash":"11907f5e...","agent_id":"copilot"}
name: "My Workflow"
on: ...
permissions: {}   # ← covered by compiled_hash
jobs:             # ← covered by compiled_hash
  ...
```

Runtime verification (JS): check_workflow_timestamp_api.cjs re-strips comment lines from the fetched lock file content and recomputes the hash. Mismatch fails with a 🚨 Tamper Detected summary.

Changes

  • pkg/workflow/lock_schema.go — add compiled_hash (omitempty) to LockMetadata
  • pkg/workflow/compiler_yaml.go — add computeCompiledHash() and injectCompiledHashIntoMetadata(); call both after generateWorkflowBody() when a frontmatter hash exists
  • actions/setup/js/frontmatter_hash_pure.cjs — add extractCompiledHashFromLockFile() and computeCompiledHashFromLockFile()
  • actions/setup/js/check_workflow_timestamp_api.cjs — verify compiled hash in both the API and local-filesystem code paths; compiled hash mismatch is checked before frontmatter hash to surface tamper attempts early
  • 179 lock files — recompiled to include the new field

Backward compatibility

Lock files without compiled_hash (compiled by older tooling) continue to pass — only the frontmatter hash is checked, with a log note that the compiled hash check was skipped.

Warning

Firewall rules blocked me from connecting to one or more addresses

I tried to connect to the following addresses, but was blocked by firewall rules:

  • https://api.github.com/graphql
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw (http block)
  • https://api.github.com/orgs/test-owner/actions/secrets
    • Triggering command: /usr/bin/gh gh api /orgs/test-owner/actions/secrets --jq .secrets[].name (http block)
  • https://api.github.com/repos/actions/ai-inference/git/ref/tags/v1
    • Triggering command: /usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq .object.sha (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v3
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq .object.sha (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v5
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v6
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq .object.sha (http block)
  • https://api.github.com/repos/actions/github-script/git/ref/tags/v8
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq .object.sha (http block)
  • https://api.github.com/repos/actions/setup-go/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq .object.sha (http block)
  • https://api.github.com/repos/actions/setup-node/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq .object.sha (http block)
  • https://api.github.com/repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b
    • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq .object.sha (http block)
  • https://api.github.com/repos/github/gh-aw
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw --jq .visibility (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0 --jq .object.sha (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v0.1.2
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq .object.sha (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq .object.sha (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.2.3
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq .object.sha (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/1/artifacts
    • Triggering command: /usr/bin/gh gh run download 1 --dir test-logs/run-1 (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/12345/artifacts
    • Triggering command: /usr/bin/gh gh run download 12345 --dir test-logs/run-12345 (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/12346/artifacts
    • Triggering command: /usr/bin/gh gh run download 12346 --dir test-logs/run-12346 (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/2/artifacts
    • Triggering command: /usr/bin/gh gh run download 2 --dir test-logs/run-2 (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/3/artifacts
    • Triggering command: /usr/bin/gh gh run download 3 --dir test-logs/run-3 (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/4/artifacts
    • Triggering command: /usr/bin/gh gh run download 4 --dir test-logs/run-4 (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/5/artifacts
    • Triggering command: /usr/bin/gh gh run download 5 --dir test-logs/run-5 (http block)
  • https://api.github.com/repos/github/gh-aw/actions/workflows
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path (http block)
    • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 100 (http block)
  • https://api.github.com/repos/github/gh-aw/contents/.github%2Fworkflows%2Faudit-workflows.md
    • Triggering command: /opt/hostedtoolcache/node/24.14.0/x64/bin/node /opt/hostedtoolcache/node/24.14.0/x64/bin/node --experimental-import-meta-resolve --require /home/REDACTED/work/gh-aw/gh-aw/actions/setup/js/node_modules/vitest/suppress-warnings.cjs --conditions node --conditions development /home/REDACTED/work/gh-aw/gh-aw/actions/setup/js/node_modules/vitest/dist/workers/forks.js (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v0.47.4
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq .object.sha (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq .object.sha (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.2.3
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq .object.sha (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v2.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq .object.sha (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v3.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq .object.sha (http block)
  • https://api.github.com/repos/githubnext/agentics/git/ref/tags/
    • Triggering command: /usr/bin/gh gh api /repos/githubnext/agentics/git/ref/tags/# --jq .object.sha (http block)
  • https://api.github.com/repos/nonexistent/action/git/ref/tags/v999.999.999
    • Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq .object.sha (http block)
  • https://api.github.com/repos/nonexistent/repo/actions/runs/12345
    • Triggering command: /usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion (http block)
  • https://api.github.com/repos/owner/repo/actions/workflows
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo (http block)
  • https://api.github.com/repos/owner/repo/contents/file.md
    • Triggering command: /tmp/go-build3007224277/b396/cli.test /tmp/go-build3007224277/b396/cli.test -test.testlogfile=/tmp/go-build3007224277/b396/testlog.txt -test.paniconexit0 -test.v=true -test.parallel=4 -test.timeout=10m0s -test.run=^Test -test.short=true (http block)
  • https://api.github.com/repos/test-owner/test-repo/actions/secrets
    • Triggering command: /usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name (http block)
  • invalid.example.invalid
    • Triggering command: /usr/lib/git-core/git-remote-https /usr/lib/git-core/git-remote-https origin https://invalid.example.invalid/nonexistent-repo.git (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

Add a `compiled_hash` field to the lock file metadata that covers all
non-comment YAML lines. The runtime integrity check in
`check_workflow_timestamp_api.cjs` now verifies this hash in addition
to the existing frontmatter hash. This detects tampering with
security-critical fields (permissions, env vars, job steps, network
policies) in the compiled lock file even when the .md source is
unchanged.

- Go: add `CompiledHash` to `LockMetadata`, compute it via two-pass
  generation in `generateYAML` after emitting the YAML body, then
  inject it into the `gh-aw-metadata` comment
- JS: add `extractCompiledHashFromLockFile` and
  `computeCompiledHashFromLockFile` to `frontmatter_hash_pure.cjs`
- JS: verify compiled hash in `check_workflow_timestamp_api.cjs`;
  fail with a tamper-detection message on mismatch
- Old lock files without `compiled_hash` continue to work (backward
  compatible; only frontmatter hash is checked)
- All 179 repo lock files recompiled with the new field

Agent-Logs-Url: https://github.com/github/gh-aw/sessions/95b17fcc-94fe-4d93-b174-4789a4505521

Co-authored-by: szabta89 <1330202+szabta89@users.noreply.github.com>
Copilot AI changed the title [WIP] Fix lock-file integrity check to cover compiled YAML content fix: lock-file integrity check now covers compiled YAML body Apr 2, 2026
Copilot AI requested a review from szabta89 April 2, 2026 19:18
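The two-pass scheme from the PR description (hash every non-comment line of the generated YAML, write the result into the `gh-aw-metadata` comment, recompute at runtime and compare), as an added example written for this page rather than code from the gh-aw repository. The JSON field names follow the metadata line shown in the description; the Go identifiers, the comment-line rule (any line whose first non-blank character is `#`), the string verdicts and the sample lock file are assumptions.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
	"strings"
)

// Prefix of the metadata comment described in the PR. Field names below match
// the example metadata line; the Go type and identifiers are assumptions.
const metadataPrefix = "# gh-aw-metadata: "

type lockMetadata struct {
	SchemaVersion   string `json:"schema_version"`
	FrontmatterHash string `json:"frontmatter_hash"`
	CompiledHash    string `json:"compiled_hash,omitempty"`
	AgentID         string `json:"agent_id"`
}

// computeCompiledHash returns the hex SHA-256 over every line that is not a
// comment line. The metadata line is itself a comment, so writing the hash
// into it afterwards does not change the hash (no chicken-and-egg problem).
func computeCompiledHash(lock string) string {
	var body strings.Builder
	for _, line := range strings.Split(lock, "\n") {
		if strings.HasPrefix(strings.TrimSpace(line), "#") {
			continue // assumption: comment line = first non-blank char is '#'
		}
		body.WriteString(line)
		body.WriteByte('\n')
	}
	sum := sha256.Sum256([]byte(body.String()))
	return hex.EncodeToString(sum[:])
}

// findMetadata locates and parses the metadata comment; ok is false when the
// line is absent or its JSON does not parse.
func findMetadata(lines []string) (int, lockMetadata, bool) {
	for i, line := range lines {
		if strings.HasPrefix(line, metadataPrefix) {
			var meta lockMetadata
			err := json.Unmarshal([]byte(strings.TrimPrefix(line, metadataPrefix)), &meta)
			return i, meta, err == nil
		}
	}
	return -1, lockMetadata{}, false
}

// injectCompiledHash is the compile-side second pass: hash the finished YAML,
// then rewrite the metadata comment with compiled_hash filled in.
func injectCompiledHash(lock string) (string, error) {
	lines := strings.Split(lock, "\n")
	i, meta, ok := findMetadata(lines)
	if !ok {
		return "", fmt.Errorf("lock file has no parsable gh-aw-metadata comment")
	}
	meta.CompiledHash = computeCompiledHash(lock)
	out, err := json.Marshal(meta)
	if err != nil {
		return "", err
	}
	lines[i] = metadataPrefix + string(out)
	return strings.Join(lines, "\n"), nil
}

// verifyCompiledHash mirrors the runtime check: "skipped" for files from
// older tooling (no compiled_hash), "tamper" when the recomputed hash differs,
// "ok" otherwise.
func verifyCompiledHash(lock string) string {
	_, meta, ok := findMetadata(strings.Split(lock, "\n"))
	if !ok || meta.CompiledHash == "" {
		return "skipped"
	}
	if computeCompiledHash(lock) != meta.CompiledHash {
		return "tamper"
	}
	return "ok"
}

// sampleLock is a constructed lock file, not one from the gh-aw repository.
const sampleLock = `# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"0000deadbeef","agent_id":"copilot"}
name: "My Workflow"
on: workflow_dispatch
permissions: {}
jobs:
  agent:
    runs-on: ubuntu-latest
    steps:
      - run: echo hello
`

func main() {
	signed, err := injectCompiledHash(sampleLock)
	if err != nil {
		panic(err)
	}
	fmt.Println("fresh compile:", verifyCompiledHash(signed))
	fmt.Println("legacy file:  ", verifyCompiledHash(sampleLock))
	edited := strings.Replace(signed, "permissions: {}", "permissions: write-all", 1)
	fmt.Println("edited body:  ", verifyCompiledHash(edited))
}
```

The three verdicts printed by `main` correspond to a freshly compiled file, a file produced by older tooling without `compiled_hash`, and a file whose body changed after compilation. Note what the check does and does not establish: the hash is derived from the file's own contents with no key or signature, so any party able to edit the lock file body can also rewrite the metadata comment to match. The check therefore detects a body that is out of step with its recorded hash (a stale or inconsistently edited file); it does not authenticate the file against a party with write access.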
@pelikhan
Collaborator

pelikhan commented Apr 2, 2026

Hash is a staleness measure, not a tampering prevention mechanism

@pelikhan pelikhan closed this Apr 2, 2026


Development

Successfully merging this pull request may close these issues.

Lock-file integrity check must cover compiled YAML content, not only .md frontmatter

3 participants