Close 9 open CodeQL/Dependabot alerts (workflow permissions + torch in test fixtures)#1035
Conversation
Closes the five `actions/missing-workflow-permissions` CodeQL alerts.

- publish.yml: workflow-level `contents: read`; the `publish-github-release` job overrides with `contents: write` (needed by softprops/action-gh-release to create the GitHub Release). PyPI upload uses TWINE_USERNAME/PASSWORD, not GITHUB_TOKEN, so no extra scope needed there.
- run_tests.yml: `contents: read` + `pull-requests: write` (for marocchino/sticky-pull-request-comment posting coverage results).
- run_tests_staging.yml / run_tests_prod.yml: `contents: read` only — these are scheduled callers that delegate to run_tests.yml, and the PR-comment step has `if: github.event_name == 'pull_request'` so it never fires on cron runs.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Closes Dependabot alerts #35, #37, #45, #46:

- CVE-2025-2953 (low) "PyTorch susceptible to local Denial of Service" — patched in 2.7.1-rc1
- CVE-2025-3730 (medium) "PyTorch Improper Resource Shutdown or Release" — patched in 2.8.0

These are dummy fixtures used by the SDK's runner-protocol tests, not production SDK code. Bumping to 2.8.0 covers both CVEs.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
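The permissions layout the description gives for publish.yml, shown as an added example rather than the PR's actual file. The trigger, secret names, setup steps and action version tags are assumptions made for illustration (in a real repository pin actions to a full commit SHA, not a tag); only the two `permissions` blocks and the two action names come from the PR.

```yaml
name: publish

# Assumed trigger: the PR does not say how publish.yml is started.
on:
  push:
    tags: ['v*']

# Workflow-level default. Without this block the token falls back to the
# repository/organization default, which can be read/write on every scope;
# declaring it is what closes actions/missing-workflow-permissions.
permissions:
  contents: read

jobs:
  publish-pypi:
    runs-on: ubuntu-latest
    # No job-level permissions: inherits contents: read. Twine authenticates
    # with its own credentials, so GITHUB_TOKEN needs no write scope here.
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: '3.11'
      - run: |
          python -m pip install build twine
          python -m build
      - run: twine upload dist/*
        env:
          TWINE_USERNAME: ${{ secrets.PYPI_USERNAME }}   # assumed secret name
          TWINE_PASSWORD: ${{ secrets.PYPI_PASSWORD }}   # assumed secret name

  publish-github-release:
    needs: publish-pypi
    runs-on: ubuntu-latest
    # Job-level override: the only job allowed to write to the repository,
    # and only because action-gh-release has to create the Release object.
    permissions:
      contents: write
    steps:
      - uses: actions/checkout@v4
      - uses: softprops/action-gh-release@v2
        with:
          generate_release_notes: true
```

A job-level `permissions` block replaces the workflow-level one for that job rather than merging with it, so every scope not listed under `publish-github-release` (issues, pull-requests, packages, id-token, ...) is `none` there; `publish-pypi` keeps the workflow-level `contents: read` untouched.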
Pull request overview
This PR addresses remaining CodeQL and Dependabot security alerts by tightening default GITHUB_TOKEN permissions across GitHub Actions workflows and updating the pinned torch version used only in test runner fixtures.
Changes:

- Add explicit `permissions` blocks to workflows to avoid overly broad default `GITHUB_TOKEN` scopes.
- Grant job-scoped `contents: write` only where GitHub Releases are created.
- Bump `torch` from `2.6.0` to `2.8.0` in test runner fixture requirements to pick up CVE fixes.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| .github/workflows/publish.yml | Adds explicit workflow token permissions and scopes contents: write to the release job only. |
| .github/workflows/run_tests.yml | Adds explicit token permissions for checkout and PR coverage commenting. |
| .github/workflows/run_tests_staging.yml | Adds explicit contents: read permissions for scheduled staging test invocations. |
| .github/workflows/run_tests_prod.yml | Adds explicit contents: read permissions for scheduled prod test invocations. |
| tests/runners/dummy_vllm_models/requirements.txt | Updates test-fixture torch pin to 2.8.0. |
| tests/runners/hf_mbart_model/requirements.txt | Updates test-fixture torch pin to 2.8.0. |
| permissions: | ||
| contents: read | ||
| pull-requests: write # for sticky-pull-request-comment posting coverage results | ||
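Review bot: `pull-requests: write` at the workflow level is inherited by every job in run_tests.yml on every trigger (push to master, the scheduled staging/prod callers that reuse this workflow, and pull_request alike), even though only the sticky-pull-request-comment step needs it and that step is already gated on `github.event_name == 'pull_request'`. Keep the workflow-level block at `contents: read` and declare `pull-requests: write` in a job-level `permissions:` block on the job that posts the comment, ideally a separate job carrying `if: github.event_name == 'pull_request'` so the scope is never granted on non-PR runs.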
Done in commit 3e11ae6. Workflow-level permissions are now `contents: read` only. `pull-requests: write` has been moved to a new dedicated `coverage-comment` job that has `if: github.event_name == 'pull_request'` at the job level, so it never runs on push to master. The build job uploads `code-coverage-results.md` as an artifact (for Linux + Python 3.11 only), which the new job downloads before posting the PR comment.
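The job split described in the reply, as an added example that is not the PR's actual run_tests.yml. The matrix, the command that produces `code-coverage-results.md`, the artifact name, the `header` value and the action version tags are assumptions for illustration (pin to commit SHAs in a real repository); the job name, the event gate, the artifact hand-off and the two permission scopes are what the reply describes.

```yaml
name: run_tests

on:
  push:
    branches: [master]
  pull_request:
  workflow_call:          # lets run_tests_staging.yml / run_tests_prod.yml reuse this file

# The only workflow-level grant: read-only checkout for every job.
permissions:
  contents: read

jobs:
  build:
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        os: [ubuntu-latest, windows-latest]     # assumed matrix
        python-version: ['3.11', '3.12']        # assumed matrix
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: ${{ matrix.python-version }}
      # Assumed placeholder for the real test + coverage-report steps; the
      # only requirement is that it writes code-coverage-results.md.
      - run: python -m pytest --cov . && echo "coverage summary" > code-coverage-results.md
      - name: Upload coverage summary
        # Only one matrix leg publishes the summary (Linux + Python 3.11).
        if: runner.os == 'Linux' && matrix.python-version == '3.11'
        uses: actions/upload-artifact@v4
        with:
          name: code-coverage-results
          path: code-coverage-results.md
          if-no-files-found: error

  coverage-comment:
    needs: build
    # Job-level gate: skipped entirely on push and on schedule-driven
    # workflow_call runs, so the write scope below is never minted there.
    if: github.event_name == 'pull_request'
    runs-on: ubuntu-latest
    permissions:
      pull-requests: write      # the only job that needs to post on a PR
    steps:
      - uses: actions/download-artifact@v4
        with:
          name: code-coverage-results
      - uses: marocchino/sticky-pull-request-comment@v2
        with:
          header: coverage      # assumed header key
          path: code-coverage-results.md
```

Two behaviours to verify after adopting this layout: `github.event_name` inside a reusable workflow is the caller's event, so the scheduled callers see `schedule` and skip the job as intended; and on a `pull_request` run opened from a fork the GITHUB_TOKEN is read-only regardless of the `permissions` block, so the comment step fails there rather than silently posting (do not switch to `pull_request_target` to work around that, since it runs with the base repository's secrets against untrusted code).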
… coverage-comment job Agent-Logs-Url: https://github.com/Clarifai/clarifai-python/sessions/5d065865-0235-4e06-add6-90ef405f2466 Co-authored-by: sanjaychelliah <65780631+sanjaychelliah@users.noreply.github.com>
Closes the 9 remaining open security alerts on `master`:

- `actions/missing-workflow-permissions` (#3, #4, #5, #6, #7)

Commits

1. fd198a4 — Add explicit GITHUB_TOKEN permissions to workflows
   - publish.yml: `contents: read`; `publish-github-release` job: `contents: write` for softprops/action-gh-release.
   - run_tests.yml: `contents: read`, `pull-requests: write` for marocchino/sticky-pull-request-comment, which posts on PRs.
   - run_tests_staging.yml / run_tests_prod.yml: `contents: read`; the PR-comment step has `if: github.event_name == 'pull_request'` so it never fires here.
2. 8f5714d — Bump torch to 2.8.0 in test runner fixtures
   Test fixtures only — not shipped SDK code:
   - tests/runners/dummy_vllm_models/requirements.txt: torch==2.6.0 → 2.8.0
   - tests/runners/hf_mbart_model/requirements.txt: torch==2.6.0 → 2.8.0
   Covers both CVEs:

Test plan

- `yaml.safe_load` round-trip parses all 4 workflow files cleanly.

🤖 Generated with Claude Code