Skip to content

fix(plugins): reject declared signatures when signing key is missing #1783#1987

Merged
utksh1 merged 1 commit into
utksh1:mainfrom
NaitikVerma6776:issue-#1783
Jul 9, 2026
Merged

fix(plugins): reject declared signatures when signing key is missing #1783#1987
utksh1 merged 1 commit into
utksh1:mainfrom
NaitikVerma6776:issue-#1783

Conversation

@NaitikVerma6776

Copy link
Copy Markdown
Collaborator

Summary

  • Closes a security gap where plugins declaring a signature were accepted when SECUSCAN_PLUGIN_SIGNATURE_KEY was unset and global enforcement was off.
  • _verify_plugin_integrity now always requires the signing key when a signature is present.
  • Adds a regression test covering the enforcement-off path.

Closes #1783

Test plan

  • python -m pytest testing/backend/unit/test_plugin_validator.py::TestSecurityNegativeTests::test_declared_signature_requires_key_even_when_enforcement_off -v
  • python -m pytest testing/backend/unit/test_plugin_integrity.py -v
  • Existing plugin load tests still pass (no bundled plugins declare signatures today)

Require SECUSCAN_PLUGIN_SIGNATURE_KEY whenever a plugin declares a
signature, even if signature enforcement is disabled globally.

Co-authored-by: Cursor <cursoragent@cursor.com>
@NaitikVerma6776 NaitikVerma6776 added level:intermediate 35 pts difficulty label for moderate contributor PRs type:security Security work category bonus label type:bug Bug fix work category bonus label gssoc:approved Admin validation: approved for GSSoC scoring area:backend Backend API, database, or service work area:plugins Scanner plugin metadata, schemas, or plugin runtime work and removed area:backend Backend API, database, or service work labels Jul 9, 2026
@utksh1 utksh1 merged commit 3f505a2 into utksh1:main Jul 9, 2026
21 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area:plugins Scanner plugin metadata, schemas, or plugin runtime work gssoc:approved Admin validation: approved for GSSoC scoring level:intermediate 35 pts difficulty label for moderate contributor PRs type:bug Bug fix work category bonus label type:security Security work category bonus label

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[#10] Signature declared but unverified is accepted at exec time

2 participants