Skip to content

[plan] Fix credential persistence (artipacked) in release.md workflow #9993

New issue
New issue
Closed as not planned
Closed as not planned
[plan] Fix credential persistence (artipacked) in release.md workflow#9993
Assignees
mnkiefercopilot-swe-agent
Labels
ai-generatedplan
@github-actions

Description

@github-actions
github-actions
bot
opened on Jan 14, 2026

Objective

Prevent credentials from persisting in GitHub Actions artifacts for .github/workflows/release.md workflow.

Context

Severity: Medium
Tool: zizmor (2 findings)
Issue: Credentials may be exposed through artifact downloads
Reference: https://docs.zizmor.sh/audits/#artipacked

When workflows use actions/upload-artifact after authentication steps, there's a risk that credentials (tokens, keys, etc.) could be included in the artifacts. This creates a security risk if artifacts are accessible to unauthorized users.

Approach

  1. Review .github/workflows/release.md to identify artifact upload steps
  2. Check if any authentication credentials are present in uploaded directories
  3. Implement one or more mitigations:
    • Use actions/upload-artifact exclude patterns for sensitive files
    • Clear credentials before artifact upload (e.g., remove .netrc, clear env vars)
    • Move artifact uploads before authentication steps (if possible)
    • Add explicit cleanup steps before uploads

Files to Modify

  • .github/workflows/release.md

Example Mitigations

Option 1: Exclude sensitive files

- name: Upload artifacts
  uses: actions/upload-artifact@v4
  with:
    name: release-assets
    path: dist/
    if-no-files-found: error
    # Exclude credential files
    exclude: |
      **/.netrc
      **/.npmrc
      **/.git-credentials

Option 2: Explicit cleanup

- name: Clean credentials before upload
  run: |
    rm -f ~/.netrc ~/.npmrc ~/.git-credentials
    unset GITHUB_TOKEN GH_TOKEN

- name: Upload artifacts
  uses: actions/upload-artifact@v4
  with:
    name: release-assets
    path: dist/

Acceptance Criteria

  • Credentials cannot be found in uploaded artifacts
  • Workflow compiles successfully with make recompile
  • Zizmor scan no longer reports artipacked for release.md
  • Release functionality remains intact
  • Artifacts still contain all necessary release assets

Testing

# Compile workflow
make build
./gh-aw compile .github/workflows/release.md

# Run zizmor to verify the fix
zizmor .github/workflows/release.lock.yml

# Test release workflow (if safe to trigger)
# Manually verify artifacts don't contain credentials

Related to #9990

AI generated by Plan Command for discussion #9966

Metadata

Metadata

Assignees

Labels

ai-generatedplan

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions