rodin/review-bot
2
1
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases 6 Wiki Activity

fix(#120): detect VCS host for releases API and derive action-repo #122

Closed
rodin wants to merge 2 commits from issue-120 into feature/github-support
pull from: issue-120
merge into: rodin:feature/github-support
Conversation 7 Commits 2 Files Changed 3
+97 -16
rodin commented 2026-05-14 04:04:14 +00:00
Owner
Copy Link
Copy Source

Summary

Fixes the composite action so it works correctly on GitHub Enterprise Server as well as Gitea. Closes #120.

Problem

The action hardcoded three Gitea-specific assumptions:

  1. REPO defaulted to rodin/review-bot — should derive from context or be configurable
  2. Releases API used Gitea path format (/api/v1/repos/...) — GitHub uses /api/v3/repos/...
  3. Binary download URL construction reused the same API URL variable, though download paths are actually identical between platforms
  4. The .gitea action's "Run review" step used GITEA_URL/GITEA_REPO env vars — the review-bot binary expects GITHUB_SERVER_URL/GITHUB_REPOSITORY

Fix

VCS detection: Check if server_url contains gitea → use /api/v1/ (Gitea). Otherwise → use /api/v3/ (GitHub).

Action repo default: Auto-select rodin/review-bot on Gitea or strat/review-bot on GitHub when action-repo input is not set.

New action-repo input: Allows explicit override for non-default setups. Defaults to empty (auto-detect).

Env var alignment: Fixed .gitea action's "Run review" step to set GITHUB_SERVER_URL/GITHUB_REPOSITORY instead of GITEA_URL/GITEA_REPO.

Self-test workflow: Added .github/workflows/review.yml on strat/review-bot to validate the fix end-to-end on GitHub.

Backward Compatibility

Existing Gitea callers using default inputs see no change:

  • server_url contains gitea/api/v1/ selected
  • action-repo empty → defaults to rodin/review-bot
  • Behavior identical to before

Checklist

  • Gitea callers: default action-repo resolves to rodin/review-bot via /api/v1/
  • GitHub callers: default action-repo resolves to strat/review-bot via /api/v3/
  • Explicit action-repo input overrides auto-detection
  • Both action files have identical logic (diff is zero)
  • YAML validates
  • .gitea "Run review" step now uses GITHUB_SERVER_URL/GITHUB_REPOSITORY
  • Self-test workflow created at .github/workflows/review.yml
## Summary Fixes the composite action so it works correctly on GitHub Enterprise Server as well as Gitea. Closes #120. ## Problem The action hardcoded three Gitea-specific assumptions: 1. `REPO` defaulted to `rodin/review-bot` — should derive from context or be configurable 2. Releases API used Gitea path format (`/api/v1/repos/...`) — GitHub uses `/api/v3/repos/...` 3. Binary download URL construction reused the same API URL variable, though download paths are actually identical between platforms 4. The `.gitea` action's "Run review" step used `GITEA_URL`/`GITEA_REPO` env vars — the review-bot binary expects `GITHUB_SERVER_URL`/`GITHUB_REPOSITORY` ## Fix **VCS detection**: Check if `server_url` contains `gitea` → use `/api/v1/` (Gitea). Otherwise → use `/api/v3/` (GitHub). **Action repo default**: Auto-select `rodin/review-bot` on Gitea or `strat/review-bot` on GitHub when `action-repo` input is not set. **New `action-repo` input**: Allows explicit override for non-default setups. Defaults to empty (auto-detect). **Env var alignment**: Fixed `.gitea` action's "Run review" step to set `GITHUB_SERVER_URL`/`GITHUB_REPOSITORY` instead of `GITEA_URL`/`GITEA_REPO`. **Self-test workflow**: Added `.github/workflows/review.yml` on `strat/review-bot` to validate the fix end-to-end on GitHub. ## Backward Compatibility Existing Gitea callers using default inputs see no change: - `server_url` contains `gitea` → `/api/v1/` selected - `action-repo` empty → defaults to `rodin/review-bot` - Behavior identical to before ## Checklist - [x] Gitea callers: default `action-repo` resolves to `rodin/review-bot` via `/api/v1/` - [x] GitHub callers: default `action-repo` resolves to `strat/review-bot` via `/api/v3/` - [x] Explicit `action-repo` input overrides auto-detection - [x] Both action files have identical logic (diff is zero) - [x] YAML validates - [x] `.gitea` "Run review" step now uses `GITHUB_SERVER_URL`/`GITHUB_REPOSITORY` - [x] Self-test workflow created at `.github/workflows/review.yml`
rodin added 1 commit 2026-05-14 04:04:14 +00:00
fix(#120): detect VCS host for releases API and derive action-repo
CI / test (pull_request) Successful in 20s
Details
CI / review (anthropic--claude-4.6-sonnet, sonnet, SONNET_REVIEW_TOKEN) (pull_request) Successful in 29s
Details
CI / review (gpt-5, security, ., rodin/security-patterns, SECURITY_REVIEW.md, SECURITY_REVIEW_TOKEN) (pull_request) Successful in 1m40s
Details
CI / review (gpt-5, gpt, GPT_REVIEW_TOKEN) (pull_request) Successful in 2m3s
Details
3ac5e5dcca 
Both composite actions hardcoded:
- Gitea's /api/v1/ releases endpoint path
- 'rodin/review-bot' as the action source repo
- .gitea version used GITEA_URL/GITEA_REPO env vars instead of
  GITHUB_SERVER_URL/GITHUB_REPOSITORY

Fix:
- Add 'action-repo' input (default: empty) to allow explicit override
- Auto-detect VCS host from server_url: URLs containing 'gitea' use
  /api/v1/ (Gitea format), all others use /api/v3/ (GitHub format)
- Set smart default action-repo: 'rodin/review-bot' on Gitea,
  'strat/review-bot' on GitHub
- Pass server-url and action-repo as step outputs to avoid re-computing
- Fix .gitea action's 'Run review' env to use GITHUB_SERVER_URL and
  GITHUB_REPOSITORY (matching .github version and review-bot binary
  env var expectations)
- Add .github/workflows/review.yml for self-testing on github.concur.com

Backward compatible: existing Gitea callers using default inputs continue
to resolve rodin/review-bot via /api/v1/ unchanged.

Closes #120
sonnet-review-bot approved these changes 2026-05-14 04:05:05 +00:00
sonnet-review-bot left a comment
First-time contributor
Copy Link
Copy Source

Original review

Supersededsee current review for up-to-date findings.

Previous findings (commit 3ac5e5dc)

Sonnet Review

Summary

This PR correctly fixes VCS host detection for GitHub Enterprise Server vs Gitea by introducing API path selection and auto-deriving the action-repo default. The logic is clean, backward-compatible, and the two action files are kept in sync. CI passes.

Findings

# Severity File Line Finding
1 [MINOR] .github/workflows/review.yml 32 The self-test workflow uses ./.gitea/actions/review (line 32: uses: ./.gitea/actions/review) rather than ./.github/actions/review. On GitHub the runner will look for local composite actions under .github/, not .gitea/. While GitHub Actions does allow resolving .gitea/ paths in some environments, this is unexpected and could break on a standard GitHub or GHES runner that doesn't support the Gitea convention. The intent of this workflow is to validate the GitHub path, so it should reference ./.github/actions/review.
2 [MINOR] .gitea/actions/review/action.yml 122 The VCS detection heuristic grep -qi 'gitea' matches on the word 'gitea' anywhere in the server URL. This works for the known cases (e.g. https://gitea.example.com) but would misfire for a GitHub Enterprise Server instance with 'gitea' in its hostname, or fail for a self-hosted Gitea instance that doesn't include 'gitea' in its URL (e.g. https://code.mycompany.com). A more robust approach would be to attempt the Gitea API path and fall back, or to expose an explicit api-version input. This is acceptable as a pragmatic heuristic for the stated use-cases but worth documenting as a known limitation.
3 [NIT] .gitea/actions/review/action.yml 1 The comment at the top of both action files still reads '# This composite action is designed for Gitea Actions runners.' After this change the .github/actions/review/action.yml copy is also intended for GitHub/GHES runners. The comment should be updated in that file to reflect its dual purpose.

Recommendation

APPROVE — The core logic is correct and well-structured. The one actionable issue worth fixing before this is relied upon in production is the uses: ./.gitea/actions/review reference in .github/workflows/review.yml — this is the self-test workflow meant to validate the GitHub path, yet it points at the .gitea/ action copy. Change that reference to ./.github/actions/review. The VCS detection heuristic limitation is worth a comment but not a blocker given the stated scope. Everything else is a nit.

Review by sonnet

Evaluated against 3ac5e5dc

~~Original review~~ **Superseded** — [see current review](https://gitea.weiker.me/rodin/review-bot/pulls/122#pullrequestreview-3635) for up-to-date findings. <details><summary>Previous findings (commit 3ac5e5dc)</summary> # Sonnet Review ## Summary This PR correctly fixes VCS host detection for GitHub Enterprise Server vs Gitea by introducing API path selection and auto-deriving the action-repo default. The logic is clean, backward-compatible, and the two action files are kept in sync. CI passes. ## Findings | # | Severity | File | Line | Finding | |---|----------|------|------|--------| | 1 | [MINOR] | `.github/workflows/review.yml` | 32 | The self-test workflow uses `./.gitea/actions/review` (line 32: `uses: ./.gitea/actions/review`) rather than `./.github/actions/review`. On GitHub the runner will look for local composite actions under `.github/`, not `.gitea/`. While GitHub Actions does allow resolving `.gitea/` paths in some environments, this is unexpected and could break on a standard GitHub or GHES runner that doesn't support the Gitea convention. The intent of this workflow is to validate the GitHub path, so it should reference `./.github/actions/review`. | | 2 | [MINOR] | `.gitea/actions/review/action.yml` | 122 | The VCS detection heuristic `grep -qi 'gitea'` matches on the word 'gitea' anywhere in the server URL. This works for the known cases (e.g. `https://gitea.example.com`) but would misfire for a GitHub Enterprise Server instance with 'gitea' in its hostname, or fail for a self-hosted Gitea instance that doesn't include 'gitea' in its URL (e.g. `https://code.mycompany.com`). A more robust approach would be to attempt the Gitea API path and fall back, or to expose an explicit `api-version` input. This is acceptable as a pragmatic heuristic for the stated use-cases but worth documenting as a known limitation. | | 3 | [NIT] | `.gitea/actions/review/action.yml` | 1 | The comment at the top of both action files still reads '# This composite action is designed for Gitea Actions runners.' After this change the `.github/actions/review/action.yml` copy is also intended for GitHub/GHES runners. The comment should be updated in that file to reflect its dual purpose. | ## Recommendation **APPROVE** — The core logic is correct and well-structured. The one actionable issue worth fixing before this is relied upon in production is the `uses: ./.gitea/actions/review` reference in `.github/workflows/review.yml` — this is the self-test workflow meant to validate the GitHub path, yet it points at the `.gitea/` action copy. Change that reference to `./.github/actions/review`. The VCS detection heuristic limitation is worth a comment but not a blocker given the stated scope. Everything else is a nit. --- *Review by sonnet* <!-- review-bot:sonnet --> --- *Evaluated against 3ac5e5dc* </details> <!-- review-bot:sonnet -->
.gitea/actions/review/action.yml
@@ -117,0 +119,4 @@
SERVER_URL="${{ inputs.gitea-url || github.server_url }}"
# Detect VCS type: Gitea uses /api/v1/, GitHub uses /api/v3/
if echo "$SERVER_URL" | grep -qi 'gitea'; then
API_BASE="${SERVER_URL}/api/v1"
sonnet-review-bot commented 2026-05-14 04:05:05 +00:00
First-time contributor
Copy Link
Copy Source

[MINOR] The VCS detection heuristic grep -qi 'gitea' matches on the word 'gitea' anywhere in the server URL. This works for the known cases (e.g. https://gitea.example.com) but would misfire for a GitHub Enterprise Server instance with 'gitea' in its hostname, or fail for a self-hosted Gitea instance that doesn't include 'gitea' in its URL (e.g. https://code.mycompany.com). A more robust approach would be to attempt the Gitea API path and fall back, or to expose an explicit api-version input. This is acceptable as a pragmatic heuristic for the stated use-cases but worth documenting as a known limitation.

**[MINOR]** The VCS detection heuristic `grep -qi 'gitea'` matches on the word 'gitea' anywhere in the server URL. This works for the known cases (e.g. `https://gitea.example.com`) but would misfire for a GitHub Enterprise Server instance with 'gitea' in its hostname, or fail for a self-hosted Gitea instance that doesn't include 'gitea' in its URL (e.g. `https://code.mycompany.com`). A more robust approach would be to attempt the Gitea API path and fall back, or to expose an explicit `api-version` input. This is acceptable as a pragmatic heuristic for the stated use-cases but worth documenting as a known limitation.
.github/workflows/review.yml Outdated
@@ -0,0 +29,4 @@
with:
reviewer-token: ${{ secrets[matrix.token_secret] }}
reviewer-name: ${{ matrix.name }}
llm-model: ${{ matrix.model }}
sonnet-review-bot commented 2026-05-14 04:05:05 +00:00
First-time contributor
Copy Link
Copy Source

[MINOR] The self-test workflow uses ./.gitea/actions/review (line 32: uses: ./.gitea/actions/review) rather than ./.github/actions/review. On GitHub the runner will look for local composite actions under .github/, not .gitea/. While GitHub Actions does allow resolving .gitea/ paths in some environments, this is unexpected and could break on a standard GitHub or GHES runner that doesn't support the Gitea convention. The intent of this workflow is to validate the GitHub path, so it should reference ./.github/actions/review.

**[MINOR]** The self-test workflow uses `./.gitea/actions/review` (line 32: `uses: ./.gitea/actions/review`) rather than `./.github/actions/review`. On GitHub the runner will look for local composite actions under `.github/`, not `.gitea/`. While GitHub Actions does allow resolving `.gitea/` paths in some environments, this is unexpected and could break on a standard GitHub or GHES runner that doesn't support the Gitea convention. The intent of this workflow is to validate the GitHub path, so it should reference `./.github/actions/review`.
security-review-bot requested review from security-review-bot 2026-05-14 04:06:17 +00:00
security-review-bot requested changes 2026-05-14 04:06:17 +00:00
security-review-bot left a comment
Collaborator
Copy Link
Copy Source

Original review

Supersededsee current review for up-to-date findings.

Previous findings (commit 3ac5e5dc)

Security Review

Summary

The composite actions introduce command injection risks by interpolating untrusted inputs into shell without validation, and they download and execute binaries from user-specified URLs without enforcing HTTPS or domain validation. CI passed, but these issues are exploitable in certain workflows and should be addressed.

Findings

# Severity File Line Finding
1 [MAJOR] .gitea/actions/review/action.yml 130 Command injection risk: unvalidated input (ACTION_REPO) is interpolated into a shell command argument for curl ("${API_BASE}/repos/${ACTION_REPO}/..."). If ACTION_REPO contains command substitution like $(...) or backticks, it will be executed by the shell even within double quotes.
2 [MAJOR] .gitea/actions/review/action.yml 160 Command injection risk: unvalidated inputs (SERVER_URL and ACTION_REPO) are used in curl URLs ("${SERVER_URL}/${ACTION_REPO}/releases/download..."). Embedded $(...) or backticks in either value will trigger command substitution and arbitrary command execution.
3 [MAJOR] .github/actions/review/action.yml 130 Command injection risk: unvalidated ACTION_REPO is expanded into curl URL ("${API_BASE}/repos/${ACTION_REPO}/...") and may execute $(...) or ... via command substitution.
4 [MAJOR] .github/actions/review/action.yml 160 Command injection risk: unvalidated SERVER_URL and ACTION_REPO are used in curl calls ("${SERVER_URL}/${ACTION_REPO}/releases/download...") allowing command substitution if inputs contain $(...) or backticks.
5 [MINOR] .gitea/actions/review/action.yml 116 No enforcement of HTTPS for SERVER_URL; allowing http or arbitrary schemes permits MITM and integrity compromise of the downloaded binary and checksum.
6 [MINOR] .github/actions/review/action.yml 116 No enforcement of HTTPS for SERVER_URL; permitting non-HTTPS allows downgrade/MITM when downloading and executing the binary.
7 [MINOR] .gitea/actions/review/action.yml 130 Potential SSRF/internal network access: SERVER_URL is user-configurable and used for server-side requests without allowlisting or validation, enabling connections to internal services from the runner.
8 [MINOR] .github/actions/review/action.yml 130 Potential SSRF/internal network access: SERVER_URL is used for server-side requests without validation or allowlisting, enabling connections to arbitrary hosts from the runner.
9 [MINOR] .gitea/actions/review/action.yml 130 Missing network timeouts/retries for curl may cause the job to hang or be susceptible to long delays; consider adding --max-time/--connect-timeout and bounded retries.
10 [MINOR] .github/actions/review/action.yml 130 Missing network timeouts/retries for curl may cause hangs; add --max-time/--connect-timeout and safe retry logic.

Recommendation

REQUEST_CHANGES — Harden the shell scripts to prevent command injection and unsafe downloads:

  1. Sanitize and strictly validate inputs used in shell context:
  • For ACTION_REPO, enforce an allowlist regex like: ^[A-Za-z0-9.-]+/[A-Za-z0-9.-]+$ and reject otherwise.
  • For SERVER_URL, parse and validate scheme and host. Require https and a safe hostname (e.g., matches the detected VCS host or an explicit allowlist). Reject values containing backticks, $(), or other shell metacharacters.
  • Prefer setting these variables via safe evaluation and never trusting raw strings; however, note that command substitution occurs before invocation even inside double quotes, so the only safe path is input validation/rejection.
  1. Update curl invocations to reduce risk:
  • Enforce HTTPS (and optionally pin to known hosts) before proceeding. Fail closed if non-HTTPS.
  • Add timeouts (e.g., --connect-timeout 10 --max-time 60) and a limited retry policy with backoff (e.g., --retry 3 --retry-delay 2 --retry-all-errors).
  • Consider checking the resolved host against an allowlist (e.g., the same domain as github.server_url or your Gitea instance) to mitigate SSRF.
  1. Binary integrity:
  • Current checksum verification uses a checksums.txt fetched from the same untrusted origin. Consider stronger integrity verification (e.g., signature verification with a public key embedded in the action or pinned expected SHA256 for known versions). At minimum, only allow downloads from validated official hosts.
  1. Apply the same fixes to both .gitea/actions/review/action.yml and .github/actions/review/action.yml so their logic stays identical as intended.

Addressing the above will eliminate command injection vectors and reduce the risk of executing untrusted binaries or being affected by MITM/SSRF. Once fixed, the PR can be approved.

Review by security

Evaluated against 3ac5e5dc

~~Original review~~ **Superseded** — [see current review](https://gitea.weiker.me/rodin/review-bot/pulls/122#pullrequestreview-3637) for up-to-date findings. <details><summary>Previous findings (commit 3ac5e5dc)</summary> # Security Review ## Summary The composite actions introduce command injection risks by interpolating untrusted inputs into shell without validation, and they download and execute binaries from user-specified URLs without enforcing HTTPS or domain validation. CI passed, but these issues are exploitable in certain workflows and should be addressed. ## Findings | # | Severity | File | Line | Finding | |---|----------|------|------|--------| | 1 | [MAJOR] | `.gitea/actions/review/action.yml` | 130 | Command injection risk: unvalidated input (ACTION_REPO) is interpolated into a shell command argument for curl ("${API_BASE}/repos/${ACTION_REPO}/..."). If ACTION_REPO contains command substitution like $(...) or backticks, it will be executed by the shell even within double quotes. | | 2 | [MAJOR] | `.gitea/actions/review/action.yml` | 160 | Command injection risk: unvalidated inputs (SERVER_URL and ACTION_REPO) are used in curl URLs ("${SERVER_URL}/${ACTION_REPO}/releases/download..."). Embedded $(...) or backticks in either value will trigger command substitution and arbitrary command execution. | | 3 | [MAJOR] | `.github/actions/review/action.yml` | 130 | Command injection risk: unvalidated ACTION_REPO is expanded into curl URL ("${API_BASE}/repos/${ACTION_REPO}/...") and may execute $(...) or `...` via command substitution. | | 4 | [MAJOR] | `.github/actions/review/action.yml` | 160 | Command injection risk: unvalidated SERVER_URL and ACTION_REPO are used in curl calls ("${SERVER_URL}/${ACTION_REPO}/releases/download...") allowing command substitution if inputs contain $(...) or backticks. | | 5 | [MINOR] | `.gitea/actions/review/action.yml` | 116 | No enforcement of HTTPS for SERVER_URL; allowing http or arbitrary schemes permits MITM and integrity compromise of the downloaded binary and checksum. | | 6 | [MINOR] | `.github/actions/review/action.yml` | 116 | No enforcement of HTTPS for SERVER_URL; permitting non-HTTPS allows downgrade/MITM when downloading and executing the binary. | | 7 | [MINOR] | `.gitea/actions/review/action.yml` | 130 | Potential SSRF/internal network access: SERVER_URL is user-configurable and used for server-side requests without allowlisting or validation, enabling connections to internal services from the runner. | | 8 | [MINOR] | `.github/actions/review/action.yml` | 130 | Potential SSRF/internal network access: SERVER_URL is used for server-side requests without validation or allowlisting, enabling connections to arbitrary hosts from the runner. | | 9 | [MINOR] | `.gitea/actions/review/action.yml` | 130 | Missing network timeouts/retries for curl may cause the job to hang or be susceptible to long delays; consider adding --max-time/--connect-timeout and bounded retries. | | 10 | [MINOR] | `.github/actions/review/action.yml` | 130 | Missing network timeouts/retries for curl may cause hangs; add --max-time/--connect-timeout and safe retry logic. | ## Recommendation **REQUEST_CHANGES** — Harden the shell scripts to prevent command injection and unsafe downloads: 1) Sanitize and strictly validate inputs used in shell context: - For ACTION_REPO, enforce an allowlist regex like: ^[A-Za-z0-9._-]+/[A-Za-z0-9._-]+$ and reject otherwise. - For SERVER_URL, parse and validate scheme and host. Require https and a safe hostname (e.g., matches the detected VCS host or an explicit allowlist). Reject values containing backticks, $(), or other shell metacharacters. - Prefer setting these variables via safe evaluation and never trusting raw strings; however, note that command substitution occurs before invocation even inside double quotes, so the only safe path is input validation/rejection. 2) Update curl invocations to reduce risk: - Enforce HTTPS (and optionally pin to known hosts) before proceeding. Fail closed if non-HTTPS. - Add timeouts (e.g., --connect-timeout 10 --max-time 60) and a limited retry policy with backoff (e.g., --retry 3 --retry-delay 2 --retry-all-errors). - Consider checking the resolved host against an allowlist (e.g., the same domain as github.server_url or your Gitea instance) to mitigate SSRF. 3) Binary integrity: - Current checksum verification uses a checksums.txt fetched from the same untrusted origin. Consider stronger integrity verification (e.g., signature verification with a public key embedded in the action or pinned expected SHA256 for known versions). At minimum, only allow downloads from validated official hosts. 4) Apply the same fixes to both .gitea/actions/review/action.yml and .github/actions/review/action.yml so their logic stays identical as intended. Addressing the above will eliminate command injection vectors and reduce the risk of executing untrusted binaries or being affected by MITM/SSRF. Once fixed, the PR can be approved. --- *Review by security* <!-- review-bot:security --> --- *Evaluated against 3ac5e5dc* </details> <!-- review-bot:security -->
.gitea/actions/review/action.yml
@@ -112,10 +116,21 @@ runs:
id: version
security-review-bot commented 2026-05-14 04:06:17 +00:00
Collaborator
Copy Link
Copy Source

[MINOR] No enforcement of HTTPS for SERVER_URL; allowing http or arbitrary schemes permits MITM and integrity compromise of the downloaded binary and checksum.

**[MINOR]** No enforcement of HTTPS for SERVER_URL; allowing http or arbitrary schemes permits MITM and integrity compromise of the downloaded binary and checksum.
security-review-bot marked this conversation as resolved
.gitea/actions/review/action.yml
@@ -117,0 +127,4 @@
fi
ACTION_REPO="${{ inputs.action-repo || '' }}"
if [ -z "$ACTION_REPO" ]; then
ACTION_REPO="$DEFAULT_ACTION_REPO"
security-review-bot commented 2026-05-14 04:06:17 +00:00
Collaborator
Copy Link
Copy Source

[MAJOR] Command injection risk: unvalidated input (ACTION_REPO) is interpolated into a shell command argument for curl ("${API_BASE}/repos/${ACTION_REPO}/..."). If ACTION_REPO contains command substitution like $(...) or backticks, it will be executed by the shell even within double quotes.

**[MAJOR]** Command injection risk: unvalidated input (ACTION_REPO) is interpolated into a shell command argument for curl ("${API_BASE}/repos/${ACTION_REPO}/..."). If ACTION_REPO contains command substitution like $(...) or backticks, it will be executed by the shell even within double quotes.
security-review-bot commented 2026-05-14 04:06:17 +00:00
Collaborator
Copy Link
Copy Source

[MINOR] Potential SSRF/internal network access: SERVER_URL is user-configurable and used for server-side requests without allowlisting or validation, enabling connections to internal services from the runner.

**[MINOR]** Potential SSRF/internal network access: SERVER_URL is user-configurable and used for server-side requests without allowlisting or validation, enabling connections to internal services from the runner.
security-review-bot commented 2026-05-14 04:06:17 +00:00
Collaborator
Copy Link
Copy Source

[MINOR] Missing network timeouts/retries for curl may cause the job to hang or be susceptible to long delays; consider adding --max-time/--connect-timeout and bounded retries.

**[MINOR]** Missing network timeouts/retries for curl may cause the job to hang or be susceptible to long delays; consider adding --max-time/--connect-timeout and bounded retries.
security-review-bot marked this conversation as resolved
.gitea/actions/review/action.yml
@@ -142,2 +157,4 @@
SERVER_URL="${{ steps.version.outputs.server-url }}"
ACTION_REPO="${{ steps.version.outputs.action-repo }}"
VERSION="${{ steps.version.outputs.version }}"
BINARY="review-bot-linux-amd64"
security-review-bot commented 2026-05-14 04:06:17 +00:00
Collaborator
Copy Link
Copy Source

[MAJOR] Command injection risk: unvalidated inputs (SERVER_URL and ACTION_REPO) are used in curl URLs ("${SERVER_URL}/${ACTION_REPO}/releases/download..."). Embedded $(...) or backticks in either value will trigger command substitution and arbitrary command execution.

**[MAJOR]** Command injection risk: unvalidated inputs (SERVER_URL and ACTION_REPO) are used in curl URLs ("${SERVER_URL}/${ACTION_REPO}/releases/download..."). Embedded $(...) or backticks in either value will trigger command substitution and arbitrary command execution.
security-review-bot marked this conversation as resolved
.github/actions/review/action.yml
@@ -112,10 +116,21 @@ runs:
id: version
security-review-bot commented 2026-05-14 04:06:17 +00:00
Collaborator
Copy Link
Copy Source

[MINOR] No enforcement of HTTPS for SERVER_URL; permitting non-HTTPS allows downgrade/MITM when downloading and executing the binary.

**[MINOR]** No enforcement of HTTPS for SERVER_URL; permitting non-HTTPS allows downgrade/MITM when downloading and executing the binary.
security-review-bot marked this conversation as resolved
.github/actions/review/action.yml
@@ -117,0 +127,4 @@
fi
ACTION_REPO="${{ inputs.action-repo || '' }}"
if [ -z "$ACTION_REPO" ]; then
ACTION_REPO="$DEFAULT_ACTION_REPO"
security-review-bot commented 2026-05-14 04:06:17 +00:00
Collaborator
Copy Link
Copy Source

[MAJOR] Command injection risk: unvalidated ACTION_REPO is expanded into curl URL ("${API_BASE}/repos/${ACTION_REPO}/...") and may execute $(...) or ... via command substitution.

**[MAJOR]** Command injection risk: unvalidated ACTION_REPO is expanded into curl URL ("${API_BASE}/repos/${ACTION_REPO}/...") and may execute $(...) or `...` via command substitution.
security-review-bot commented 2026-05-14 04:06:17 +00:00
Collaborator
Copy Link
Copy Source

[MINOR] Potential SSRF/internal network access: SERVER_URL is used for server-side requests without validation or allowlisting, enabling connections to arbitrary hosts from the runner.

**[MINOR]** Potential SSRF/internal network access: SERVER_URL is used for server-side requests without validation or allowlisting, enabling connections to arbitrary hosts from the runner.
security-review-bot commented 2026-05-14 04:06:17 +00:00
Collaborator
Copy Link
Copy Source

[MINOR] Missing network timeouts/retries for curl may cause hangs; add --max-time/--connect-timeout and safe retry logic.

**[MINOR]** Missing network timeouts/retries for curl may cause hangs; add --max-time/--connect-timeout and safe retry logic.
security-review-bot marked this conversation as resolved
.github/actions/review/action.yml
@@ -142,2 +157,4 @@
SERVER_URL="${{ steps.version.outputs.server-url }}"
ACTION_REPO="${{ steps.version.outputs.action-repo }}"
VERSION="${{ steps.version.outputs.version }}"
BINARY="review-bot-linux-amd64"
security-review-bot commented 2026-05-14 04:06:17 +00:00
Collaborator
Copy Link
Copy Source

[MAJOR] Command injection risk: unvalidated SERVER_URL and ACTION_REPO are used in curl calls ("${SERVER_URL}/${ACTION_REPO}/releases/download...") allowing command substitution if inputs contain $(...) or backticks.

**[MAJOR]** Command injection risk: unvalidated SERVER_URL and ACTION_REPO are used in curl calls ("${SERVER_URL}/${ACTION_REPO}/releases/download...") allowing command substitution if inputs contain $(...) or backticks.
security-review-bot marked this conversation as resolved
gpt-review-bot approved these changes 2026-05-14 04:06:22 +00:00
gpt-review-bot left a comment
First-time contributor
Copy Link
Copy Source

Original review

Supersededsee current review for up-to-date findings.

Previous findings (commit 3ac5e5dc)

Gpt Review

Summary

Solid improvements to make the composite action work across Gitea and GitHub Enterprise by detecting API base, decoupling the action binary repo, and aligning env vars with the binary. CI passed and the two action files are kept in sync; overall changes look correct and pragmatic.

Findings

# Severity File Line Finding
1 [MINOR] .gitea/actions/review/action.yml 125 VCS host detection relies on a simple substring match (grep -qi 'gitea' on server_url). This will misclassify Gitea instances without 'gitea' in the hostname (e.g., code.example.com), breaking API calls by selecting /api/v3. Consider a more robust detection (e.g., explicit input, or probing a known endpoint) or an input to force API version.
2 [NIT] .gitea/actions/review/action.yml 137 The GitHub Releases API uses per_page=1 rather than limit=1. While GitHub ignores unknown params and still returns releases, using per_page=1 would be more correct for GitHub and reduce payload size; you can keep limit for Gitea.
3 [MINOR] .github/actions/review/action.yml 125 Same VCS detection heuristic issue as in the Gitea action: relying on 'gitea' substring in server_url may mis-detect some Gitea instances. Provide an explicit override or more robust probe to avoid false negatives.
4 [NIT] .github/actions/review/action.yml 137 Same API pagination parameter note: prefer per_page=1 for GitHub to explicitly limit results; limit=1 is a Gitea parameter.

Recommendation

APPROVE — The refactor to detect API base paths, add an explicit action-repo input, and align environment variables with the review-bot expectations is well done and should improve cross-platform behavior. CI passed and both composite action files are kept in sync, which is great. Before broader adoption, consider adding an explicit input to select the VCS/API type (or a more robust probe) to avoid mis-detecting Gitea instances whose hostnames do not contain 'gitea'. Also, for the GitHub API call, switch to per_page=1 to reduce payload size and be semantically correct. These are minor enhancements and do not block merge.

Review by gpt

Evaluated against 3ac5e5dc

~~Original review~~ **Superseded** — [see current review](https://gitea.weiker.me/rodin/review-bot/pulls/122#pullrequestreview-3638) for up-to-date findings. <details><summary>Previous findings (commit 3ac5e5dc)</summary> # Gpt Review ## Summary Solid improvements to make the composite action work across Gitea and GitHub Enterprise by detecting API base, decoupling the action binary repo, and aligning env vars with the binary. CI passed and the two action files are kept in sync; overall changes look correct and pragmatic. ## Findings | # | Severity | File | Line | Finding | |---|----------|------|------|--------| | 1 | [MINOR] | `.gitea/actions/review/action.yml` | 125 | VCS host detection relies on a simple substring match (`grep -qi 'gitea'` on server_url). This will misclassify Gitea instances without 'gitea' in the hostname (e.g., code.example.com), breaking API calls by selecting /api/v3. Consider a more robust detection (e.g., explicit input, or probing a known endpoint) or an input to force API version. | | 2 | [NIT] | `.gitea/actions/review/action.yml` | 137 | The GitHub Releases API uses `per_page=1` rather than `limit=1`. While GitHub ignores unknown params and still returns releases, using `per_page=1` would be more correct for GitHub and reduce payload size; you can keep `limit` for Gitea. | | 3 | [MINOR] | `.github/actions/review/action.yml` | 125 | Same VCS detection heuristic issue as in the Gitea action: relying on `'gitea'` substring in server_url may mis-detect some Gitea instances. Provide an explicit override or more robust probe to avoid false negatives. | | 4 | [NIT] | `.github/actions/review/action.yml` | 137 | Same API pagination parameter note: prefer `per_page=1` for GitHub to explicitly limit results; `limit=1` is a Gitea parameter. | ## Recommendation **APPROVE** — The refactor to detect API base paths, add an explicit action-repo input, and align environment variables with the review-bot expectations is well done and should improve cross-platform behavior. CI passed and both composite action files are kept in sync, which is great. Before broader adoption, consider adding an explicit input to select the VCS/API type (or a more robust probe) to avoid mis-detecting Gitea instances whose hostnames do not contain 'gitea'. Also, for the GitHub API call, switch to `per_page=1` to reduce payload size and be semantically correct. These are minor enhancements and do not block merge. --- *Review by gpt* <!-- review-bot:gpt --> --- *Evaluated against 3ac5e5dc* </details> <!-- review-bot:gpt -->
.gitea/actions/review/action.yml
@@ -117,0 +122,4 @@
API_BASE="${SERVER_URL}/api/v1"
DEFAULT_ACTION_REPO="rodin/review-bot"
else
API_BASE="${SERVER_URL}/api/v3"
gpt-review-bot commented 2026-05-14 04:06:22 +00:00
First-time contributor
Copy Link
Copy Source

[MINOR] VCS host detection relies on a simple substring match (grep -qi 'gitea' on server_url). This will misclassify Gitea instances without 'gitea' in the hostname (e.g., code.example.com), breaking API calls by selecting /api/v3. Consider a more robust detection (e.g., explicit input, or probing a known endpoint) or an input to force API version.

**[MINOR]** VCS host detection relies on a simple substring match (`grep -qi 'gitea'` on server_url). This will misclassify Gitea instances without 'gitea' in the hostname (e.g., code.example.com), breaking API calls by selecting /api/v3. Consider a more robust detection (e.g., explicit input, or probing a known endpoint) or an input to force API version.
.github/actions/review/action.yml
@@ -117,0 +122,4 @@
API_BASE="${SERVER_URL}/api/v1"
DEFAULT_ACTION_REPO="rodin/review-bot"
else
API_BASE="${SERVER_URL}/api/v3"
gpt-review-bot commented 2026-05-14 04:06:22 +00:00
First-time contributor
Copy Link
Copy Source

[MINOR] Same VCS detection heuristic issue as in the Gitea action: relying on 'gitea' substring in server_url may mis-detect some Gitea instances. Provide an explicit override or more robust probe to avoid false negatives.

**[MINOR]** Same VCS detection heuristic issue as in the Gitea action: relying on `'gitea'` substring in server_url may mis-detect some Gitea instances. Provide an explicit override or more robust probe to avoid false negatives.
rodin added 1 commit 2026-05-14 04:07:04 +00:00
chore: use dry-run in review.yml (GHE has no releases yet, validate infra)
PR Ready Gate / clear-labels (pull_request) Successful in 1s
Details
CI / test (pull_request) Successful in 20s
Details
CI / review (anthropic--claude-4.6-sonnet, sonnet, SONNET_REVIEW_TOKEN) (pull_request) Successful in 29s
Details
CI / review (gpt-5, security, ., rodin/security-patterns, SECURITY_REVIEW.md, SECURITY_REVIEW_TOKEN) (pull_request) Successful in 1m2s
Details
CI / review (gpt-5, gpt, GPT_REVIEW_TOKEN) (pull_request) Successful in 1m31s
Details
db13078196 
The self-test workflow on github.concur.com runs the action with:
- gitea-url=https://gitea.weiker.me (binary download source)
- dry-run=true (avoids PR# mismatch between GHE and Gitea)

This validates:
- Binary download and checksum verification works from a GitHub runner
- GITHUB_SERVER_URL/GITHUB_REPOSITORY env vars are correctly passed
- AiCore provider authenticates and LLM call succeeds

When strat/review-bot has its own releases, remove gitea-url override and dry-run.
sonnet-review-bot approved these changes 2026-05-14 04:07:55 +00:00
sonnet-review-bot left a comment
First-time contributor
Copy Link
Copy Source

Sonnet Review

Summary

This PR fixes multi-VCS support by detecting whether the server is Gitea or GitHub and selecting the appropriate API path and default action repo. The changes are clean, consistent across both action files, and the critical env var rename (GITEA_URL/GITEA_REPO → GITHUB_SERVER_URL/GITHUB_REPOSITORY) is correct. CI passes.

Findings

# Severity File Line Finding
1 [MINOR] .gitea/actions/review/action.yml 119 The VCS detection heuristic grep -qi 'gitea' is hostname-based string matching. A GitHub Enterprise instance at a URL like https://github.example-gitea-internal.com would incorrectly be detected as Gitea and use /api/v1/. This is an edge case, but since the input is gitea-url (user-supplied), it's possible a user passes a GHE URL that happens to contain 'gitea' in the domain. The approach is pragmatic and acceptable for the known use cases, but worth documenting or guarding.
2 [MINOR] .github/workflows/review.yml 30 The self-test workflow uses ./.gitea/actions/review (the Gitea action path) even though it runs on GitHub. This means the GitHub runner will execute the .gitea/actions/review/action.yml file. This is intentional based on the comment ('Download binary from Gitea, post review to Gitea'), but it's slightly odd that the GitHub workflow uses the .gitea action path — the two action files are now identical, so it works, but it could confuse future maintainers who expect .github/workflows to use .github/actions.
3 [NIT] .gitea/actions/review/action.yml 128 `ACTION_REPO="${{ inputs.action-repo

Recommendation

APPROVE — Approve. The core changes are correct and well-structured: VCS detection logic is consistent across both action files, the API path selection is sound for the documented use cases, the env var rename fixes the real bug, and the two action files are now kept in sync. The minor findings are edge cases that don't affect the stated requirements. The self-test workflow is a good addition. No blocking issues.

Review by sonnet

Evaluated against db130781

# Sonnet Review ## Summary This PR fixes multi-VCS support by detecting whether the server is Gitea or GitHub and selecting the appropriate API path and default action repo. The changes are clean, consistent across both action files, and the critical env var rename (GITEA_URL/GITEA_REPO → GITHUB_SERVER_URL/GITHUB_REPOSITORY) is correct. CI passes. ## Findings | # | Severity | File | Line | Finding | |---|----------|------|------|--------| | 1 | [MINOR] | `.gitea/actions/review/action.yml` | 119 | The VCS detection heuristic `grep -qi 'gitea'` is hostname-based string matching. A GitHub Enterprise instance at a URL like `https://github.example-gitea-internal.com` would incorrectly be detected as Gitea and use `/api/v1/`. This is an edge case, but since the input is `gitea-url` (user-supplied), it's possible a user passes a GHE URL that happens to contain 'gitea' in the domain. The approach is pragmatic and acceptable for the known use cases, but worth documenting or guarding. | | 2 | [MINOR] | `.github/workflows/review.yml` | 30 | The self-test workflow uses `./.gitea/actions/review` (the Gitea action path) even though it runs on GitHub. This means the GitHub runner will execute the `.gitea/actions/review/action.yml` file. This is intentional based on the comment ('Download binary from Gitea, post review to Gitea'), but it's slightly odd that the GitHub workflow uses the `.gitea` action path — the two action files are now identical, so it works, but it could confuse future maintainers who expect `.github/workflows` to use `.github/actions`. | | 3 | [NIT] | `.gitea/actions/review/action.yml` | 128 | `ACTION_REPO="${{ inputs.action-repo || '' }}"` — the `|| ''` is redundant since the input already has `default: ''`. It's harmless but slightly noisy. | ## Recommendation **APPROVE** — Approve. The core changes are correct and well-structured: VCS detection logic is consistent across both action files, the API path selection is sound for the documented use cases, the env var rename fixes the real bug, and the two action files are now kept in sync. The minor findings are edge cases that don't affect the stated requirements. The self-test workflow is a good addition. No blocking issues. --- *Review by sonnet* <!-- review-bot:sonnet --> --- *Evaluated against db130781*
.gitea/actions/review/action.yml
@@ -114,3 +118,2 @@
run: |
GITEA_URL="${{ inputs.gitea-url || github.server_url }}"
REPO="${{ inputs.repo || 'rodin/review-bot' }}"
SERVER_URL="${{ inputs.gitea-url || github.server_url }}"
sonnet-review-bot commented 2026-05-14 04:07:55 +00:00
First-time contributor
Copy Link
Copy Source

[MINOR] The VCS detection heuristic grep -qi 'gitea' is hostname-based string matching. A GitHub Enterprise instance at a URL like https://github.example-gitea-internal.com would incorrectly be detected as Gitea and use /api/v1/. This is an edge case, but since the input is gitea-url (user-supplied), it's possible a user passes a GHE URL that happens to contain 'gitea' in the domain. The approach is pragmatic and acceptable for the known use cases, but worth documenting or guarding.

**[MINOR]** The VCS detection heuristic `grep -qi 'gitea'` is hostname-based string matching. A GitHub Enterprise instance at a URL like `https://github.example-gitea-internal.com` would incorrectly be detected as Gitea and use `/api/v1/`. This is an edge case, but since the input is `gitea-url` (user-supplied), it's possible a user passes a GHE URL that happens to contain 'gitea' in the domain. The approach is pragmatic and acceptable for the known use cases, but worth documenting or guarding.
.gitea/actions/review/action.yml
@@ -117,0 +125,4 @@
API_BASE="${SERVER_URL}/api/v3"
DEFAULT_ACTION_REPO="strat/review-bot"
fi
ACTION_REPO="${{ inputs.action-repo || '' }}"
sonnet-review-bot commented 2026-05-14 04:07:55 +00:00
First-time contributor
Copy Link
Copy Source

[NIT] ACTION_REPO="${{ inputs.action-repo || '' }}" — the || '' is redundant since the input already has default: ''. It's harmless but slightly noisy.

**[NIT]** `ACTION_REPO="${{ inputs.action-repo || '' }}"` — the `|| ''` is redundant since the input already has `default: ''`. It's harmless but slightly noisy.
.github/workflows/review.yml
@@ -0,0 +27,4 @@
- name: Run ${{ matrix.name }} review
uses: ./.gitea/actions/review
with:
# Download binary from Gitea (releases live there, not on GHE)
sonnet-review-bot commented 2026-05-14 04:07:55 +00:00
First-time contributor
Copy Link
Copy Source

[MINOR] The self-test workflow uses ./.gitea/actions/review (the Gitea action path) even though it runs on GitHub. This means the GitHub runner will execute the .gitea/actions/review/action.yml file. This is intentional based on the comment ('Download binary from Gitea, post review to Gitea'), but it's slightly odd that the GitHub workflow uses the .gitea action path — the two action files are now identical, so it works, but it could confuse future maintainers who expect .github/workflows to use .github/actions.

**[MINOR]** The self-test workflow uses `./.gitea/actions/review` (the Gitea action path) even though it runs on GitHub. This means the GitHub runner will execute the `.gitea/actions/review/action.yml` file. This is intentional based on the comment ('Download binary from Gitea, post review to Gitea'), but it's slightly odd that the GitHub workflow uses the `.gitea` action path — the two action files are now identical, so it works, but it could confuse future maintainers who expect `.github/workflows` to use `.github/actions`.
security-review-bot requested review from security-review-bot 2026-05-14 04:08:29 +00:00
security-review-bot approved these changes 2026-05-14 04:08:30 +00:00
security-review-bot left a comment
Collaborator
Copy Link
Copy Source

Security Review

Summary

Security-impacting changes are minimal and CI passed. The VCS host detection, repo derivation, and environment alignment look sound, and no exploitable vulnerabilities are introduced by the diff. A few defense-in-depth improvements are suggested.

Findings

# Severity File Line Finding
1 [MINOR] .gitea/actions/review/action.yml 154 The binary integrity check relies on a checksums.txt downloaded from the same untrusted release source. If ACTION_REPO or SERVER_URL are misconfigured or attacker-controlled (via workflow inputs), a malicious binary and matching checksum could be served and executed with access to secrets. Consider verifying signatures, pinning to an allowlist of repos, or pinning versions/hashes from a trusted source.
2 [MINOR] .github/actions/review/action.yml 154 Same supply-chain concern as above: the checksum file is fetched from the same source as the binary, which does not provide strong integrity guarantees if inputs are misconfigured. Strengthen verification by using signed releases or a maintained allowlist of action repos and expected hashes.
3 [NIT] .gitea/actions/review/action.yml 116 Network requests (curl) do not specify explicit timeouts, which can cause long hangs under adverse network conditions. Consider adding --max-time or --connect-timeout to reduce DoS risk from slow/unresponsive endpoints.
4 [NIT] .github/actions/review/action.yml 116 Network requests (curl) lack explicit timeouts. Adding timeouts (--max-time/--connect-timeout) can improve robustness and reduce the risk of workflow stalls.

Recommendation

APPROVE — Approve the PR. The changes correctly detect the VCS host to select the appropriate API path, separate the download repo from the review target, and align environment variables with the binary’s expectations, all without introducing new exploitable issues. For defense-in-depth, strengthen binary integrity verification (e.g., signed releases, allowlisting known repos, or pinning versions/hashes stored in the repo) and add explicit curl timeouts to avoid potential hangs.

Review by security

Evaluated against db130781

# Security Review ## Summary Security-impacting changes are minimal and CI passed. The VCS host detection, repo derivation, and environment alignment look sound, and no exploitable vulnerabilities are introduced by the diff. A few defense-in-depth improvements are suggested. ## Findings | # | Severity | File | Line | Finding | |---|----------|------|------|--------| | 1 | [MINOR] | `.gitea/actions/review/action.yml` | 154 | The binary integrity check relies on a checksums.txt downloaded from the same untrusted release source. If ACTION_REPO or SERVER_URL are misconfigured or attacker-controlled (via workflow inputs), a malicious binary and matching checksum could be served and executed with access to secrets. Consider verifying signatures, pinning to an allowlist of repos, or pinning versions/hashes from a trusted source. | | 2 | [MINOR] | `.github/actions/review/action.yml` | 154 | Same supply-chain concern as above: the checksum file is fetched from the same source as the binary, which does not provide strong integrity guarantees if inputs are misconfigured. Strengthen verification by using signed releases or a maintained allowlist of action repos and expected hashes. | | 3 | [NIT] | `.gitea/actions/review/action.yml` | 116 | Network requests (curl) do not specify explicit timeouts, which can cause long hangs under adverse network conditions. Consider adding --max-time or --connect-timeout to reduce DoS risk from slow/unresponsive endpoints. | | 4 | [NIT] | `.github/actions/review/action.yml` | 116 | Network requests (curl) lack explicit timeouts. Adding timeouts (--max-time/--connect-timeout) can improve robustness and reduce the risk of workflow stalls. | ## Recommendation **APPROVE** — Approve the PR. The changes correctly detect the VCS host to select the appropriate API path, separate the download repo from the review target, and align environment variables with the binary’s expectations, all without introducing new exploitable issues. For defense-in-depth, strengthen binary integrity verification (e.g., signed releases, allowlisting known repos, or pinning versions/hashes stored in the repo) and add explicit curl timeouts to avoid potential hangs. --- *Review by security* <!-- review-bot:security --> --- *Evaluated against db130781*
.gitea/actions/review/action.yml
@@ -112,10 +116,21 @@ runs:
id: version
security-review-bot commented 2026-05-14 04:08:30 +00:00
Collaborator
Copy Link
Copy Source

[NIT] Network requests (curl) do not specify explicit timeouts, which can cause long hangs under adverse network conditions. Consider adding --max-time or --connect-timeout to reduce DoS risk from slow/unresponsive endpoints.

**[NIT]** Network requests (curl) do not specify explicit timeouts, which can cause long hangs under adverse network conditions. Consider adding --max-time or --connect-timeout to reduce DoS risk from slow/unresponsive endpoints.
.gitea/actions/review/action.yml
@@ -137,14 +154,14 @@ runs:
if: steps.cache.outputs.cache-hit != 'true'
security-review-bot commented 2026-05-14 04:08:30 +00:00
Collaborator
Copy Link
Copy Source

[MINOR] The binary integrity check relies on a checksums.txt downloaded from the same untrusted release source. If ACTION_REPO or SERVER_URL are misconfigured or attacker-controlled (via workflow inputs), a malicious binary and matching checksum could be served and executed with access to secrets. Consider verifying signatures, pinning to an allowlist of repos, or pinning versions/hashes from a trusted source.

**[MINOR]** The binary integrity check relies on a checksums.txt downloaded from the same untrusted release source. If ACTION_REPO or SERVER_URL are misconfigured or attacker-controlled (via workflow inputs), a malicious binary and matching checksum could be served and executed with access to secrets. Consider verifying signatures, pinning to an allowlist of repos, or pinning versions/hashes from a trusted source.
.github/actions/review/action.yml
@@ -112,10 +116,21 @@ runs:
id: version
security-review-bot commented 2026-05-14 04:08:30 +00:00
Collaborator
Copy Link
Copy Source

[NIT] Network requests (curl) lack explicit timeouts. Adding timeouts (--max-time/--connect-timeout) can improve robustness and reduce the risk of workflow stalls.

**[NIT]** Network requests (curl) lack explicit timeouts. Adding timeouts (--max-time/--connect-timeout) can improve robustness and reduce the risk of workflow stalls.
.github/actions/review/action.yml
@@ -137,14 +154,14 @@ runs:
if: steps.cache.outputs.cache-hit != 'true'
security-review-bot commented 2026-05-14 04:08:30 +00:00
Collaborator
Copy Link
Copy Source

[MINOR] Same supply-chain concern as above: the checksum file is fetched from the same source as the binary, which does not provide strong integrity guarantees if inputs are misconfigured. Strengthen verification by using signed releases or a maintained allowlist of action repos and expected hashes.

**[MINOR]** Same supply-chain concern as above: the checksum file is fetched from the same source as the binary, which does not provide strong integrity guarantees if inputs are misconfigured. Strengthen verification by using signed releases or a maintained allowlist of action repos and expected hashes.
gpt-review-bot approved these changes 2026-05-14 04:08:41 +00:00
gpt-review-bot left a comment
First-time contributor
Copy Link
Copy Source

Gpt Review

Summary

The changes improve platform compatibility by detecting the VCS host to select the correct API base, add an action-repo override, fix environment variable names expected by the binary, and include a self-test workflow. CI passed and the two composite actions are functionally aligned. A few minor robustness and documentation tweaks are suggested.

Findings

# Severity File Line Finding
1 [MINOR] .gitea/actions/review/action.yml 116 VCS detection relies on checking if the server URL contains the substring 'gitea'. This is brittle (a Gitea instance may not include 'gitea' in the hostname). Consider a more robust detection or a configurable input (e.g., explicit vcs-type or probing /api/v1 vs /api/v3) with fallback.
2 [MINOR] .gitea/actions/review/action.yml 126 When querying GitHub's releases API, the parameter should be 'per_page=1' rather than 'limit=1'. While GitHub ignores unknown params and still returns results, updating this would be more correct and avoid relying on default pagination. Also consider supporting an Authorization header for private repos.
3 [MINOR] .github/actions/review/action.yml 116 Same brittle VCS detection as the Gitea action: using 'grep -qi gitea' on the server URL may mis-detect non-standard Gitea hostnames. Consider a more robust detection or a user-provided override with fallback probing.
4 [MINOR] .github/actions/review/action.yml 126 Releases API call uses 'limit=1'; for GitHub v3 the canonical parameter is 'per_page=1'. Also consider adding optional Authorization to support private repos.
5 [NIT] .github/actions/review/action.yml 1 Header comment says the composite action is designed for Gitea Actions runners. Since this lives under .github/actions, consider updating the comment to reflect GitHub usage (or clarify it is compatible with both).
6 [NIT] .github/actions/review/action.yml 24 Input 'reviewer-token' description refers to 'Gitea token'. If this action is used on GitHub too, the wording may be confusing; consider clarifying it as the token for posting the review to the target VCS (Gitea/GitHub) or the appropriate server.
7 [NIT] .github/workflows/review.yml 27 The workflow uses the composite action from '.gitea/actions/review'. Since an equivalent exists in '.github/actions/review' and both are meant to be identical, consider referencing the .github path here for consistency when running on GitHub.

Recommendation

APPROVE — Overall, the PR cleanly generalizes the composite action to work across Gitea and GitHub by selecting the appropriate API base, allows an explicit action-repo override, and corrects environment variables passed to the review-bot binary. The self-test workflow is a good addition. CI is green and the two composite action files appear aligned. Before merging, consider minor improvements: make VCS detection more robust than a substring match, use 'per_page=1' for GitHub's releases API and optionally support Authorization for private repositories, and update a few comments/descriptions for clarity across platforms. These are non-blocking; the current changes look correct and maintain backward compatibility.

Review by gpt

Evaluated against db130781

# Gpt Review ## Summary The changes improve platform compatibility by detecting the VCS host to select the correct API base, add an action-repo override, fix environment variable names expected by the binary, and include a self-test workflow. CI passed and the two composite actions are functionally aligned. A few minor robustness and documentation tweaks are suggested. ## Findings | # | Severity | File | Line | Finding | |---|----------|------|------|--------| | 1 | [MINOR] | `.gitea/actions/review/action.yml` | 116 | VCS detection relies on checking if the server URL contains the substring 'gitea'. This is brittle (a Gitea instance may not include 'gitea' in the hostname). Consider a more robust detection or a configurable input (e.g., explicit vcs-type or probing /api/v1 vs /api/v3) with fallback. | | 2 | [MINOR] | `.gitea/actions/review/action.yml` | 126 | When querying GitHub's releases API, the parameter should be 'per_page=1' rather than 'limit=1'. While GitHub ignores unknown params and still returns results, updating this would be more correct and avoid relying on default pagination. Also consider supporting an Authorization header for private repos. | | 3 | [MINOR] | `.github/actions/review/action.yml` | 116 | Same brittle VCS detection as the Gitea action: using 'grep -qi gitea' on the server URL may mis-detect non-standard Gitea hostnames. Consider a more robust detection or a user-provided override with fallback probing. | | 4 | [MINOR] | `.github/actions/review/action.yml` | 126 | Releases API call uses 'limit=1'; for GitHub v3 the canonical parameter is 'per_page=1'. Also consider adding optional Authorization to support private repos. | | 5 | [NIT] | `.github/actions/review/action.yml` | 1 | Header comment says the composite action is designed for Gitea Actions runners. Since this lives under .github/actions, consider updating the comment to reflect GitHub usage (or clarify it is compatible with both). | | 6 | [NIT] | `.github/actions/review/action.yml` | 24 | Input 'reviewer-token' description refers to 'Gitea token'. If this action is used on GitHub too, the wording may be confusing; consider clarifying it as the token for posting the review to the target VCS (Gitea/GitHub) or the appropriate server. | | 7 | [NIT] | `.github/workflows/review.yml` | 27 | The workflow uses the composite action from '.gitea/actions/review'. Since an equivalent exists in '.github/actions/review' and both are meant to be identical, consider referencing the .github path here for consistency when running on GitHub. | ## Recommendation **APPROVE** — Overall, the PR cleanly generalizes the composite action to work across Gitea and GitHub by selecting the appropriate API base, allows an explicit action-repo override, and corrects environment variables passed to the review-bot binary. The self-test workflow is a good addition. CI is green and the two composite action files appear aligned. Before merging, consider minor improvements: make VCS detection more robust than a substring match, use 'per_page=1' for GitHub's releases API and optionally support Authorization for private repositories, and update a few comments/descriptions for clarity across platforms. These are non-blocking; the current changes look correct and maintain backward compatibility. --- *Review by gpt* <!-- review-bot:gpt --> --- *Evaluated against db130781*
.gitea/actions/review/action.yml
@@ -112,10 +116,21 @@ runs:
id: version
gpt-review-bot commented 2026-05-14 04:08:41 +00:00
First-time contributor
Copy Link
Copy Source

[MINOR] VCS detection relies on checking if the server URL contains the substring 'gitea'. This is brittle (a Gitea instance may not include 'gitea' in the hostname). Consider a more robust detection or a configurable input (e.g., explicit vcs-type or probing /api/v1 vs /api/v3) with fallback.

**[MINOR]** VCS detection relies on checking if the server URL contains the substring 'gitea'. This is brittle (a Gitea instance may not include 'gitea' in the hostname). Consider a more robust detection or a configurable input (e.g., explicit vcs-type or probing /api/v1 vs /api/v3) with fallback.
.gitea/actions/review/action.yml
@@ -117,0 +123,4 @@
DEFAULT_ACTION_REPO="rodin/review-bot"
else
API_BASE="${SERVER_URL}/api/v3"
DEFAULT_ACTION_REPO="strat/review-bot"
gpt-review-bot commented 2026-05-14 04:08:41 +00:00
First-time contributor
Copy Link
Copy Source

[MINOR] When querying GitHub's releases API, the parameter should be 'per_page=1' rather than 'limit=1'. While GitHub ignores unknown params and still returns results, updating this would be more correct and avoid relying on default pagination. Also consider supporting an Authorization header for private repos.

**[MINOR]** When querying GitHub's releases API, the parameter should be 'per_page=1' rather than 'limit=1'. While GitHub ignores unknown params and still returns results, updating this would be more correct and avoid relying on default pagination. Also consider supporting an Authorization header for private repos.
.github/actions/review/action.yml
@@ -112,10 +116,21 @@ runs:
id: version
gpt-review-bot commented 2026-05-14 04:08:41 +00:00
First-time contributor
Copy Link
Copy Source

[MINOR] Same brittle VCS detection as the Gitea action: using 'grep -qi gitea' on the server URL may mis-detect non-standard Gitea hostnames. Consider a more robust detection or a user-provided override with fallback probing.

**[MINOR]** Same brittle VCS detection as the Gitea action: using 'grep -qi gitea' on the server URL may mis-detect non-standard Gitea hostnames. Consider a more robust detection or a user-provided override with fallback probing.
.github/actions/review/action.yml
@@ -117,0 +123,4 @@
DEFAULT_ACTION_REPO="rodin/review-bot"
else
API_BASE="${SERVER_URL}/api/v3"
DEFAULT_ACTION_REPO="strat/review-bot"
gpt-review-bot commented 2026-05-14 04:08:41 +00:00
First-time contributor
Copy Link
Copy Source

[MINOR] Releases API call uses 'limit=1'; for GitHub v3 the canonical parameter is 'per_page=1'. Also consider adding optional Authorization to support private repos.

**[MINOR]** Releases API call uses 'limit=1'; for GitHub v3 the canonical parameter is 'per_page=1'. Also consider adding optional Authorization to support private repos.
.github/workflows/review.yml
@@ -0,0 +24,4 @@
model: gpt-5
steps:
- uses: actions/checkout@v4
- name: Run ${{ matrix.name }} review
gpt-review-bot commented 2026-05-14 04:08:41 +00:00
First-time contributor
Copy Link
Copy Source

[NIT] The workflow uses the composite action from '.gitea/actions/review'. Since an equivalent exists in '.github/actions/review' and both are meant to be identical, consider referencing the .github path here for consistency when running on GitHub.

**[NIT]** The workflow uses the composite action from '.gitea/actions/review'. Since an equivalent exists in '.github/actions/review' and both are meant to be identical, consider referencing the .github path here for consistency when running on GitHub.
rodin closed this pull request 2026-05-14 04:11:47 +00:00
rodin commented 2026-05-14 04:11:51 +00:00
Author
Owner
Copy Link
Copy Source

Closing as duplicate of #121, which targets main directly with the same fix.

Closing as duplicate of #121, which targets `main` directly with the same fix.
Some checks are pending
PR Ready Gate / clear-labels (pull_request) Successful in 1s
Details
CI / test (pull_request) Successful in 20s
Details
CI / review (anthropic--claude-4.6-sonnet, sonnet, SONNET_REVIEW_TOKEN) (pull_request) Successful in 29s
Details
CI / review (gpt-5, security, ., rodin/security-patterns, SECURITY_REVIEW.md, SECURITY_REVIEW_TOKEN) (pull_request) Successful in 1m2s
Details
CI / review (gpt-5, gpt, GPT_REVIEW_TOKEN) (pull_request) Successful in 1m31s
Details

Pull request closed

Please reopen this pull request to perform a merge.
Sign in to join this conversation.
Reviewers
No Reviewers
sonnet-review-bot
security-review-bot
gpt-review-bot
Labels
Clear labels
ai-review
bug
needs-review
ready
Ready for human review
 self-reviewed
Self-review passed since last push
 wip
Work in progress - do not start new work on this PR
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
security-review-bot rodin (Rodin)
No Assignees
4 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: rodin/review-bot#122
Delete Branch "issue-120"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?