fix: harden CI publishing workflows against supply-chain attacks #65
Merged
- Pin all GitHub Actions to immutable commit SHAs (all 3 workflows)
- Split C# build/publish into separate jobs to isolate OIDC credentials
- Upgrade C# actions from v3 to v4, Python setup-python from v4 to v5
- Add NODE_AUTH_TOKEN and --provenance flag for npm publish (JS workflow)
- Add upload/download-artifact steps to C# workflow for cross-job artifact passing
Agent-Logs-Url: https://github.com/dnv-opensource/vista-sdk/sessions/1275397f-8419-49c4-b04e-74832dcb18e2
Co-authored-by: kristoffersaastad <101731170+kristoffersaastad@users.noreply.github.com>
Copilot created this pull request from a session on behalf of kristoffersaastad, April 27, 2026 08:29
kristoffersaastad requested changes, Apr 27, 2026
Agent-Logs-Url: https://github.com/dnv-opensource/vista-sdk/sessions/bfaa6e0c-1c40-4fb0-a687-f29f7a4546f1
Co-authored-by: kristoffersaastad <101731170+kristoffersaastad@users.noreply.github.com>
Summary
Hardens all three publishing workflows (C#/NuGet, Python/PyPI, JS/npm) against supply-chain attacks identified in a security audit of the CI/CD pipelines.
Changes
🔒 Pin all GitHub Actions to immutable commit SHAs (all 3 workflows)
All actions were referencing mutable version tags (e.g., @v3, @v4, @release/v1). If an upstream action repository is compromised, the attacker can move the tag to point at malicious code, which would execute with publishing credentials on the next workflow run.
Every action reference is now pinned to a specific commit SHA with the version tag in a trailing comment for readability:
🔒 Split C# build/publish into separate jobs
Previously, the entire C# pipeline (build, test, pack, and publish) ran in a single job with id-token: write permission. This meant the OIDC token for NuGet publishing was available during build and test phases — a compromised NuGet dependency running code during dotnet restore/build/test could exfiltrate the token.
Now build and publish are separate jobs:
- build job: contents: read only — builds, tests, packs, and uploads artifacts
- publish job: id-token: write — downloads artifacts and pushes to NuGet
⬆️ Upgrade stale action versions
- actions/checkout v3→v4, actions/setup-dotnet v3→v4
- actions/setup-python v4→v5
🔒 Add --provenance to JS npm publish commands
- --provenance flag to npm publish commands to generate SLSA provenance attestation, allowing consumers to verify packages were built from this repository
- id-token: write + registry-url in setup-node)
- workflow_dispatch from bypassing review gates