fix(security): batch close 4 GitHub security alerts (SMI-4499/4501/4502/4504) #805
Merged
wrsmith108 merged 1 commit into main from Apr 27, 2026
E2E Test Results - April 27, 2026
Summary
Test Results
Generated by skillsmith E2E test suite
wrsmith108 added a commit that referenced this pull request Apr 27, 2026

…500) (#806)

* fix(security): bump astro to 6.1.9 to close XSS in define:vars (SMI-4500)

Closes Dependabot alerts #92 (packages/website/package.json) and #93 (package-lock.json) — both surface GHSA-j687-52p2-xcff (astro <6.1.6 XSS in define:vars via incomplete </script> tag sanitization).

Changes:
- packages/website/package.json: astro 6.1.3 → 6.1.9 (exact-pin per SMI-2162 audit:standards rule 12; ^6.1.6 was rejected as semver range)
- package.json devDependencies: add astro 6.1.9 to force hoisting at /app/node_modules/astro. Without this, npm 11 places astro only at packages/website/node_modules/astro, but @astrojs/vercel@10.0.4 is hoisted at root and resolves astro via ESM from /app/node_modules/, causing "Cannot find package 'astro'" build error.
- package.json overrides: drop "astro": "^5.18.1". Was added in SMI-3688 (PR #629) for the SSRF CVE in 5.x via @astrojs/vercel's pinned chain. No longer needed: @astrojs/vercel@10.0.4 declares peer "astro: ^6.0.0", so it accepts the website's 6.1.9 directly. Override removal also resolves "EOVERRIDE: Override for astro@6.1.9 conflicts with direct dependency" error when both override and direct dep specify the same exact version.

Verification:
- npm install -> clean
- npm ls astro -> all chains at 6.1.9 (no <6.1.6, no 5.x)
- npm audit --omit=dev -> astro alert resolved (remaining uuid<14 chain via @azure/msal-node > unstorage > astro is PR-1/SMI-4501 territory, cleared once PR #805 merges and the uuid: ^14 override applies)
- npm run build -w packages/website -> Complete (0 errors, 0 hints, 68 [WARN] about Astro.request.headers on prerendered pages — these are pre-existing tech debt; website was already on astro@6.1.3 before this change. Not introduced by this commit. Follow-up Linear issue should capture the 13 affected .astro pages.)
- npm test -w @skillsmith/website -> 171/171 pass
- npm run lint -> clean
- npm run typecheck -> clean
- npm run format:check -> clean
- npm run audit:standards -> 49 pass / 6 warns / 0 fail (89% compliance, baseline matches main)

Linear: https://linear.app/smith-horn-group/issue/SMI-4500
Project: GitHub Security Alerts (April 2026)
Closes Dependabot alerts #92, #93

Co-Authored-By: claude-flow <ruv@ruv.net>
Co-Authored-By: Claude <noreply@anthropic.com>

* fix(deps): preserve multi-platform rollup native pins after astro 6.1.9 bump

Restores the lockfile state SMI-3984 (PR #490) carefully constructed to pin @rollup/rollup-{darwin-arm64,darwin-x64,linux-arm64-gnu,linux-x64-gnu,linux-x64-musl} across all CI platforms.

The original SMI-4500 commit (67b7a74) regenerated package-lock.json from scratch via `rm -f package-lock.json && npm install` inside the skillsmith-dev-1 container. That container runs linux/arm64 (Apple Silicon Docker Desktop), so the regenerated lockfile only pinned the arm64 native binding. CI runs on linux/x64 (ubuntu-latest) and could not load the rollup native module — every Test (*) job and Website Build failed with MODULE_NOT_FOUND on /app/node_modules/rollup/dist/native.js.

Fix: copy package-lock.json from origin/main (which still has all 5 platform pins from SMI-3984), then surgical-remove the stale `packages/website/node_modules/astro@6.1.3` block (left over from when the override was `^5.18.1` and the website's astro had to nest), then re-run `npm install` to refresh other entries.

Lockfile now has both:
- All 5 rollup platform native packages pinned (verified via node -e "console.log(!!require('./package-lock.json').packages['node_modules/@rollup/rollup-linux-x64-gnu'])")
- astro@6.1.9 hoisted to root with no nested copy in packages/website/node_modules/

Verification:
- `npm ls astro` -> all chains show astro@6.1.9 deduped at root
- `npm run build -w packages/website` -> Complete (5.94s)
- `npm test -w @skillsmith/website` -> 171/171 pass
- `npm run lint` / `typecheck` / `format:check` -> clean
- `npm run audit:standards` -> 91% baseline

This unblocks PR #806 CI. Future lockfile regenerations should either:
1. Run inside a `--platform=linux/amd64` container (matches CI), or
2. Surgical-edit the lockfile rather than rm-and-regen, or
3. Use the `npm install` (not `--package-lock-only`) on origin/main's lockfile so existing platform pins are preserved.

Linear: https://linear.app/smith-horn-group/issue/SMI-4500

Co-Authored-By: claude-flow <ruv@ruv.net>
Co-Authored-By: Claude <noreply@anthropic.com>

---------

Co-authored-by: Ryan Smith <wrsmith108@users.noreply.github.com>
Co-authored-by: claude-flow <ruv@ruv.net>
Co-authored-by: Claude <noreply@anthropic.com>
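The `node -e` spot check in the commit message above covers one of the five rollup pins. The following is an added example (not code from this repository) that generalizes it to all five pins plus the astro hoisting and version conditions; the function names, the `0.0.0` placeholder versions and both sample lockfiles are constructed for illustration.

```javascript
// Added example: lockfile guard for the regressions the commit message describes.
// Package paths and the 6.1.6 floor come from the page; everything else is hypothetical.
const REQUIRED_ROLLUP = [
  'darwin-arm64', 'darwin-x64', 'linux-arm64-gnu', 'linux-x64-gnu', 'linux-x64-musl',
].map((p) => `node_modules/@rollup/rollup-${p}`);
const ASTRO_ROOT = 'node_modules/astro';
const ASTRO_NESTED = 'packages/website/node_modules/astro';
const ASTRO_MIN = '6.1.6'; // first version outside the "astro <6.1.6" advisory range

// Compare plain x.y.z versions numerically; returns <0, 0 or >0.
function compareVersions(a, b) {
  const pa = a.split('.').map(Number);
  const pb = b.split('.').map(Number);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] - pb[i];
  }
  return 0;
}

// Return a list of problems; an empty list means the lockfile passes.
function checkLockfile(lock) {
  const pkgs = lock.packages || {};
  const problems = [];
  for (const key of REQUIRED_ROLLUP) {
    if (!pkgs[key]) problems.push(`missing platform pin: ${key}`);
  }
  const root = pkgs[ASTRO_ROOT];
  if (!root) problems.push('astro is not hoisted to the root node_modules');
  else if (compareVersions(root.version, ASTRO_MIN) < 0)
    problems.push(`root astro ${root.version} is below ${ASTRO_MIN}`);
  if (pkgs[ASTRO_NESTED])
    problems.push(`stale nested astro ${pkgs[ASTRO_NESTED].version} under packages/website`);
  return problems;
}

// Constructed sample combining both faults: arm64-only pins and a stale nested astro.
const faulty = { lockfileVersion: 3, packages: {
  'node_modules/@rollup/rollup-linux-arm64-gnu': { version: '0.0.0', optional: true },
  [ASTRO_ROOT]: { version: '6.1.9' },
  [ASTRO_NESTED]: { version: '6.1.3' },
} };
// Constructed sample: all five pins present, astro only at the root.
const repaired = { lockfileVersion: 3, packages: Object.fromEntries([
  ...REQUIRED_ROLLUP.map((k) => [k, { version: '0.0.0', optional: true }]),
  [ASTRO_ROOT, { version: '6.1.9' }],
]) };

console.log(checkLockfile(faulty));
console.log(checkLockfile(repaired));
```

Against a real checkout, pass `require('./package-lock.json')` to `checkLockfile` and fail the CI step when the returned list is non-empty.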
80843a1 to 1b2c8f6
…02/4504)

SMI-4499 (Dependabot #91, critical) — re-add `protobufjs: ^7.5.5` global override. Originally added in SMI-4248 (#607), dropped in SMI-4250 (#610) on the assumption that only ruflo (dev-only) still pulled sub-7.5.5. That was incorrect — `@claude-flow/aidefence@3.0.2` (a production dep) reaches it via `@xenova/transformers > onnxruntime-web > onnx-proto@4.0.4 → protobufjs@^6.11.0`. `onnx-proto` declares a caret (not exact-pin) so flat override resolves.

SMI-4501 (Dependabot #95, medium) — add `uuid: ^14.0.0` global override. Three chains affected (gcp-metadata > gaxios, ruflo plugin, @azure/msal-node). All resolve cleanly post-install. v14 dropped `_default` export and finalized the parse/stringify deprecation; v4() API used by all three callers is unchanged.

SMI-4502 (CodeQL #79/#80, high) — replace `Math.random` in `integration-tools.stub.ts` with `crypto.randomBytes`. Stub is re-exported from `integration-tools.ts:18` and ships in published @skillsmith/mcp-server, so production callers were receiving predictable secrets. Output format preserved (32 hex chars for whsec_*, 40 base64url chars for sk_int_*); all existing mcp-server tests pass without modification.

SMI-4504 (CodeQL #85, high → false positive) — replace inert `lgtm[js/insufficient-password-hash]` annotation with the GitHub-recognized `codeql[...]` form. The lgtm annotation has been silently no-op since the LGTM.com→GHAS migration. Telemetry actor-ID derivation via HMAC-SHA-256 is not password storage; rationale doc-comment unchanged. UI dismissal of the alert will follow once next CodeQL CI scan confirms the codeql[] form suppresses it.

Verification:
- npm install -> overrides applied (protobufjs@7.5.5 deduped on all chains; uuid@14.0.0 deduped on all chains; verified via `npm ls protobufjs` and `npm ls uuid`)
- npm audit --omit=dev -> only astro <6.1.6 remaining (PR-2 scope, SMI-4500)
- npm run lint -> clean
- npm run typecheck -> clean
- npm test (core) -> 3539/3541 (2 skipped, baseline)
- npm test (mcp-server) -> 603/610 (7 todo, baseline)
- npm run audit:standards -> 50 pass / 5 warns (baseline) / 0 fail
- npm run format:check -> clean

Note: the protobufjs override re-add is structurally NOT a regression of SMI-4250's bundle-removal cleanup. SMI-4250 collapsed the otel duplicate chain; this restores defense-in-depth coverage for an unrelated production dep (aidefence) that wasn't accounted for in 4250's analysis.

Linear:
- https://linear.app/smith-horn-group/issue/SMI-4499
- https://linear.app/smith-horn-group/issue/SMI-4501
- https://linear.app/smith-horn-group/issue/SMI-4502
- https://linear.app/smith-horn-group/issue/SMI-4504

Closes Dependabot alerts #91, #95
Closes CodeQL alerts #79, #80
Targets dismissal of CodeQL alert #85

Co-Authored-By: claude-flow <ruv@ruv.net>
Co-Authored-By: Claude <noreply@anthropic.com>
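The SMI-4502 change described in the commit message above, sketched as an added example: this is not the contents of `integration-tools.stub.ts`, and every function name here is hypothetical. It shows a `Math.random`-based generator beside a `crypto.randomBytes` replacement that keeps the stated output formats, so format-based tests pass unchanged.

```javascript
// Added example, not the project's stub; all names below are hypothetical.
const { randomBytes } = require('node:crypto');

const HEX = '0123456789abcdef';
const B64URL = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_';

// BEFORE: Math.random is not a CSPRNG, so its output is unsuitable for secrets
// even though the resulting strings look random.
function pick(alphabet, length) {
  let out = '';
  for (let i = 0; i < length; i++) {
    out += alphabet[Math.floor(Math.random() * alphabet.length)];
  }
  return out;
}
const weakWhsec = () => `whsec_${pick(HEX, 32)}`;
const weakSkInt = () => `sk_int_${pick(B64URL, 40)}`;

// AFTER: draw bytes from the OS CSPRNG and pick the byte count that yields
// exactly the same string length as before.
//   16 bytes -> 32 hex chars (128 bits)
//   30 bytes -> 40 base64url chars, no padding since 30 is a multiple of 3 (240 bits)
const makeWhsec = () => `whsec_${randomBytes(16).toString('hex')}`;
const makeSkInt = () => `sk_int_${randomBytes(30).toString('base64url')}`;

// Formats as stated in the commit message: 32 hex chars and 40 base64url chars.
const FORMATS = {
  whsec: /^whsec_[0-9a-f]{32}$/,
  skInt: /^sk_int_[A-Za-z0-9_-]{40}$/,
};

// True when old and new generators are indistinguishable by format alone,
// which is why a format-only test suite cannot catch the weak version.
function formatPreserved() {
  return [weakWhsec(), makeWhsec()].every((s) => FORMATS.whsec.test(s)) &&
         [weakSkInt(), makeSkInt()].every((s) => FORMATS.skInt.test(s));
}

console.log(makeWhsec(), makeSkInt(), formatPreserved());
```

Because both generators satisfy the same regular expressions, a regression to `Math.random` has to be caught by static analysis or code review rather than by output-format assertions.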
1b2c8f6 to beda18b
wrsmith108 added a commit that referenced this pull request Apr 27, 2026

…p-impl-check]

Submodule PR smith-horn/skillsmith-docs#95 merged at 94e26bc — pulls in the 2026-04-27 security batch retrospective covering the SMI-4499..4504 alert closures (PRs #805, #806, #807). No code changes in this commit; just submodule pointer advance.

Co-Authored-By: claude-flow <ruv@ruv.net>
Co-Authored-By: Claude <noreply@anthropic.com>
wrsmith108 added a commit that referenced this pull request Apr 27, 2026

…p-impl-check] (#815)

Submodule PR smith-horn/skillsmith-docs#95 merged at 94e26bc — pulls in the 2026-04-27 security batch retrospective covering the SMI-4499..4504 alert closures (PRs #805, #806, #807). No code changes in this commit; just submodule pointer advance.

Co-authored-by: Ryan Smith <wrsmith108@users.noreply.github.com>
Co-authored-by: claude-flow <ruv@ruv.net>
Co-authored-by: Claude <noreply@anthropic.com>
Summary
Closes 4 GitHub security alerts (1 critical Dependabot + 3 high CodeQL):
- `protobufjs: ^7.5.5` global override (closes Dependabot #91 critical RCE). Originally added in SMI-4248 (#607), dropped in SMI-4250 (#610) on the assumption that only ruflo (dev-only) still pulled sub-7.5.5. That was wrong: `@claude-flow/aidefence@3.0.2` (production dep) reaches it via `@xenova/transformers > onnxruntime-web > onnx-proto@4.0.4 → protobufjs@^6.11.0`. Caret declaration → flat override resolves cleanly.
- `uuid: ^14.0.0` global override (closes Dependabot #95 medium). Three chains affected (gcp-metadata, ruflo plugin, @azure/msal-node); all resolve to 14.0.0 post-install. v4() API used by all three is unchanged in v14.
- `Math.random` in `integration-tools.stub.ts` with `crypto.randomBytes` (closes CodeQL #79/#80 high). Stub is re-exported from production-shipped `@skillsmith/mcp-server`. Output format preserved (32 hex chars for whsec_*, 40 base64url chars for sk_int_*).
- `lgtm[js/insufficient-password-hash]` annotation in `remote-audit.ts` with `// codeql[...]` form (targets CodeQL #85 dismissal). LGTM annotations have been silently no-op since GHAS migration.

Test plan
Linear
Project: GitHub Security Alerts (April 2026)
🤖 Generated with Ruflo
[skip-doc-drift]