From 4d1b151deaddbdf6c1cb43b7fcc27451f7301722 Mon Sep 17 00:00:00 2001 From: GeiserX Date: Mon, 22 Jun 2026 23:11:10 +0200 Subject: [PATCH 1/2] security: block fork PRs from running on the self-hosted runner Jobs triggered on pull_request that run on the self-hosted runner could execute untrusted fork PR code on the runner host. Add an if: guard so these jobs run only for same-repo events (push, schedule, workflow_dispatch, and PRs from branches in this repo), never for fork PRs. Runner stays self-hosted for trusted runs. --- .github/workflows/ci.yml | 12 ++++++++++++ .github/workflows/cli-tests.yml | 8 ++++++++ 2 files changed, 20 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index fb76d0fa..367cf626 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -45,6 +45,10 @@ jobs: lint: name: Lint & Type Check runs-on: [self-hosted, Linux, X64] + # Do not run untrusted fork PR code on the self-hosted runner. + if: >- + github.event_name != 'pull_request' || + github.event.pull_request.head.repo.full_name == github.repository steps: - name: Checkout code uses: actions/checkout@v6 @@ -77,6 +81,10 @@ jobs: test: name: Test runs-on: [self-hosted, Linux, X64] + # Do not run untrusted fork PR code on the self-hosted runner. + if: >- + github.event_name != 'pull_request' || + github.event.pull_request.head.repo.full_name == github.repository steps: - name: Checkout code uses: actions/checkout@v6 @@ -110,6 +118,10 @@ jobs: build: name: Build runs-on: [self-hosted, Linux, X64] + # Do not run untrusted fork PR code on the self-hosted runner. + if: >- + github.event_name != 'pull_request' || + github.event.pull_request.head.repo.full_name == github.repository steps: - name: Checkout code uses: actions/checkout@v6 diff --git a/.github/workflows/cli-tests.yml b/.github/workflows/cli-tests.yml index 4fb12a43..381e601e 100644 --- a/.github/workflows/cli-tests.yml +++ b/.github/workflows/cli-tests.yml @@ -31,6 +31,10 @@ jobs: public-tests: name: Public CLI Tests runs-on: [self-hosted, Linux, X64] + # Do not run untrusted fork PR code on the self-hosted runner. + if: >- + github.event_name != 'pull_request' || + github.event.pull_request.head.repo.full_name == github.repository steps: - name: Checkout uses: actions/checkout@v6 @@ -216,6 +220,10 @@ jobs: build-test: name: Build CLI from Source runs-on: [self-hosted, Linux, X64] + # Do not run untrusted fork PR code on the self-hosted runner. + if: >- + github.event_name != 'pull_request' || + github.event.pull_request.head.repo.full_name == github.repository steps: - name: Checkout uses: actions/checkout@v6 From f3e70bd975190ce0a33c41024e13e6b64e9995bc Mon Sep 17 00:00:00 2001 From: GeiserX Date: Mon, 22 Jun 2026 23:13:21 +0200 Subject: [PATCH 2/2] security: also gate the always() summary job to same-repo events --- .github/workflows/ci.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 367cf626..98849dfa 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -201,7 +201,11 @@ jobs: name: CI Summary runs-on: [self-hosted, Linux, X64] needs: [lint, test, build] - if: always() + # always() but still gated to same-repo events (no fork PRs on self-hosted) + if: >- + always() && + (github.event_name != 'pull_request' || + github.event.pull_request.head.repo.full_name == github.repository) steps: - name: Check results run: |