Skip to content

ci: pin GitHub Actions to full commit SHAs to prevent supply-chain attacks#3611

Open
XananasX7 wants to merge 1 commit into
tensorflow:mainfrom
XananasX7:fix/security-pin-actions-to-commit-shas
Open

ci: pin GitHub Actions to full commit SHAs to prevent supply-chain attacks#3611
XananasX7 wants to merge 1 commit into
tensorflow:mainfrom
XananasX7:fix/security-pin-actions-to-commit-shas

Conversation

@XananasX7

Copy link
Copy Markdown

Summary

14 workflow files reference actions/checkout pinned to mutable version tags (@v6, @v4) rather than immutable commit SHAs. Tags can be silently moved by an upstream attacker, allowing arbitrary code execution in CI/CD with access to repository secrets (including TFLM_BOT_REPO_TOKEN and PYPI_API_KEY).

Vulnerability class

Supply-chain attack via mutable Action tag references (CWE-829).

Affected actions

Action Was Now
actions/checkout @v6 @df4cb1c069e1874edd31b4311f1884172cec0e10
actions/checkout @v4 @34e114876b0b11c390a56381ad16ebd13914f8d5

Affected files (14 total)

check_tflite_files.yml, generate_integration_tests.yml, log_binary_size_pr.yml, pypi_build.yml, suite_cortex_m.yml, suite_hexagon.yml, suite_riscv.yml, suite_xtensa.yml, sync.yml, test_bazel.yml, test_hosted.yml, test_makefile.yml, test_misc.yml, test_windows.yml

Fix

All actions/checkout references are pinned to their full immutable commit SHA with the version tag as an inline comment.

@XananasX7 XananasX7 requested a review from veblush as a code owner June 28, 2026 03:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant