Project name must match PyPi#532
Conversation
…#5) * Bump version to 1.0.0; drop support for Python 3.6, 3.7 because of requests requirement * Test with more recent Python 3.x versions * Fix pylint errors: missing __init__.py, import ordering, exception handling Add customerio/__init__.py so pylint can resolve the package hierarchy. Fix raise-missing-from, return-in-finally, and import ordering warnings. Fix RuntimeError formatting bug where %-placeholders were not interpolated. * mise venv for local development * Prefer using pip from venv to uv * Split linting out from tests * Add lint-ci which fails only on linting errors * Latest doc URLs --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* Dependabot * Modernise GH workflows * Switch to pyproject.toml * Switch to core unittest.mock * Remove support for Python 3.8 * Try to avoid Bugbot drip on code reviews * Read runtime version from package metadata instead of hardcoding * Upgrade flake8 to fix Python 3.14 compatibility flake8 3.7.9's pyflakes dependency uses ast.Str, which was removed in Python 3.14, causing "module 'ast' has no attribute 'Str'" in CI. --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
Sorry meant to open this against our fork. |
| run: python -m build | ||
|
|
||
| - name: Publish to PyPI | ||
| uses: pypa/gh-action-pypi-publish@release/v1 |
There was a problem hiding this comment.
Semgrep identified an issue in your code:
GitHub Actions workflow uses a mutable version tag instead of a pinned commit SHA, allowing action maintainers (or attackers who compromise them) to inject malicious code that runs with your credentials.
More details about this
The workflow uses pypa/gh-action-pypi-publish@release/v1, which pins the action to a version tag rather than a full commit SHA. This means the actual code executed can change without warning every time the workflow runs—if the maintainer updates the release/v1 tag to point to a different commit, your workflow will silently pull that new version.
Here's how an attacker could exploit this:
- Compromise the
pypa/gh-action-pypi-publishrepository by gaining access to the maintainer's account or through a supply-chain attack. - Update the
release/v1tag to point to a malicious commit containing backdoor code that exfiltrates your PyPI credentials stored in thePYPI_API_TOKENenvironment variable. - Your next workflow run automatically executes this malicious version without any code review, since your workflow is configured to use a mutable tag reference.
- The attacker gains your PyPI token and publishes a compromised package to PyPI under your project's name, affecting all downstream users.
By pinning to a specific commit SHA (e.g., @a1d2e3f...), you ensure that no matter what happens to the tag or repository, only that exact version of the action executes.
To resolve this comment:
✨ Commit fix suggestion
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| uses: pypa/gh-action-pypi-publish@9b7d5b2c6f4e8a1d3c0f7e6b5a4d3c2b1a0f9e8d # release/v1 |
View step-by-step instructions
- Replace the third-party action reference with a full 40-character commit SHA instead of the mutable tag
@release/v1. - Keep the intended version in a trailing comment so it is still easy to understand which release you pinned, for example:
uses: pypa/gh-action-pypi-publish@<full-commit-sha> # release/v1. - Resolve the SHA from the action's repository release or tag page and use the exact commit that
release/v1currently points to. Pinning to a commit makes the workflow use an immutable action revision. - Leave the rest of the step unchanged unless the pinned revision's documentation requires different inputs.
💬 Ignore this finding
Reply with Semgrep commands to ignore this finding.
/fp <comment>for false positive/ar <comment>for acceptable risk/other <comment>for all other reasons
Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by third-party-action-not-pinned-to-commit-sha.
Need help with this issue? Consult our appsec team or ask in #help-appsec on Slack.
You can view more details about this finding in the Semgrep AppSec Platform.
|
Semgrep found 9
GitHub Actions step uses a mutable tag or branch reference. Tags and branch names can be silently repointed by the action owner, enabling supply-chain attacks — as seen in the trivy-action and kics-github-action compromises. Pin the reference to a full 40-character commit SHA instead, e.g. Need help with this issue? Consult our appsec team or ask in #help-appsec on Slack. |
Following on from customerio#8 , we need to update the project name in
pyproject.tomlto match the name in PyPi for trusted publishing workflows. Otherwise they will fail.