Bump actions/upload-artifact from 4.6.2 to 7.0.1#5
Merged
d0cd merged 1 commit intoMay 29, 2026
Conversation
a84449d to
14f90c1
Compare
Owner
|
@dependabot rebase |
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.2 to 7.0.1. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@ea165f8...043fb46) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
14f90c1 to
8f26482
Compare
d0cd
added a commit
that referenced
this pull request
Jun 10, 2026
# Feedback addressed The latest external feedback file rewrites the open-items list. Two items are brig-side: Issue #2 — cpus: <int> in yaml raises 'argument of type int is not iterable': Regression from the v2 generic yaml-merge. Yaml's 'cpus: 4' parses as int, slips through validation (validator accepts int/float/str), reaches the subprocess args, and _redact_cmd's 'arg in flag-set' membership check explodes when arg is an int. Fix: CellSpec.__post_init__ coerces cpus/memory to str if given as int/float. The boundary that declares cpus: str now actually enforces it. New tests pin the regression. Issue #1 — Workspace symlink escape (LIVE exploit): External team demonstrated the attack works end-to-end: cell drops ln -sf /etc/passwd /work/foo.txt, asks a host-side worker to read /Users/<user>/.brig/state/<name>/workspace/foo.txt, host follows the symlink and leaks /etc/passwd. Bypasses gVisor by asking the host to read on the cell's behalf. Verified empirically: podman 4.9 in our VM doesn't support nosymfollow on bind mounts (both -v syntax and --mount syntax rejected with 'invalid option'). Mount-side fix really isn't available right now. Strengthened docs/reference/cell-metadata.md to spell out the threat at the top with a generic reproducer and the empirically-confirmed reason mount-side defense is roadmapped. Issues #3, #4, #5 are cell-side / already-doc'd / already-fixed. # Generic-ification brig is a general tool; source and brig-owned docs should not name a specific external project. Scrubbed every project-specific name from src/, tests/, and brig-owned docs. The actual external project directories under cells/ (which are gitignored anyway) are untouched. 659 unit tests pass. Per-module coverage gates green. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
d0cd
added a commit
that referenced
this pull request
Jun 10, 2026
Three items that close the brig-feedback.md punch list: 1. **Feedback #3 — auto-grant host_services from cell yaml.** When yaml's `policy.allow` lists `<svc>.host.brig` for a globally-registered service, `brig run` now adds it to the per-cell ACL automatically: auto-granted: aitelier → litellm (declared in cell yaml, registered globally). Revoke: brig policy set aitelier --remove-host-service litellm Loud log line with revoke pointer so operators see the grant. Wildcards (*.host.brig) are NOT auto-granted — only literal names the operator declared explicitly. Opt-out: brig config set auto_grant_host_services false 2. **Feedback #5 — brig cell network includes ingress hits.** Today ingress.py logged to mitmproxy stderr only; debugging inbound failures meant `limactl shell brig sudo podman logs warden`. Now: - ingress.py sets flow.metadata["cell"] so the logger keys entries to the target cell's log file - logger.py writes ingress_route + ingress_src_ip into each entry - brig cell network tags ingress lines `INGRESS: <src> -> ... (route=<name>)` and egress lines `OUT:` — grep-able 3. **host_sockets e2e shell test.** tests/test_host_sockets_e2e.sh stands up a socat-echo host service, runs preflight, starts cell, exec's socat-client inside, verifies bytes round-trip the bridge, confirms cleanup on rm. Gated on Darwin+socat+brig — exits 2 with SKIP message in unsupported environments (Linux CI safe). Tests: 9 new unit (6 auto-grant + 3 network-cmd-ingress) + 1 e2e shell. Suite 771 passing. The feedback.md punch list is now empty other than the host_services flattening refactor (explicitly deferred — separate scope). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
d0cd
added a commit
that referenced
this pull request
Jun 10, 2026
Three aitelier-feedback items in one coherent change: 1. Warden CA auto-mount (#1, top adoption ask). Cells need to trust Warden's MITM cert to make HTTPS work; today every consumer rediscovers the workaround (extract CA, concat onto system roots, export SSL_CERT_FILE / REQUESTS_CA_BUNDLE / etc.). Brig now stages a combined bundle inside the VM at /state/<cell>/ca-bundle.crt and bind-mounts it read-only at /run/brig/ca-bundle.crt, plus sets the four common env vars unless the cell already declared them. Opt out per cell with trust_warden_ca: false (e.g. cells with strict pinning). Defense in depth: bundle re-extracted from the Warden container on every cell start (source of truth is the container, not the untrusted state dir); staged inside the VM (trust boundary); read-only mount; cell-set env wins; airgapped cells skip the mount entirely. 2. DNS-rebinding check defer (#5). server_connected's rebinding block depended on a latent mitmproxy-API bug: data.server.close() no longer exists on >= 10 (AttributeError masked the would-be kill) and data.flow was None so host_service / ingress exemptions were a no-op. Anyone fixing close() would silently break those flows. Removed the dead block; responseheaders is now the single enforcement point and has the metadata populated by then. Coverage absorbed into TestResponseHeadersDnsRebinding (now 9 cases incl. all IP families). 3. Ingress-token naming docs (#6). `brig run --help` epilog now mentions <cell-name>-ingress-token and policy.tls_passthrough; docs/design/cell-definition.md expands the token-secret naming convention (preferred per-cell, fallback shared, hard error when missing). 868 pass + 10 skip clean. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
d0cd
added a commit
that referenced
this pull request
Jun 10, 2026
Five items from ~/tools/hermes-agent/plans/brig-feedback.md, prioritized by what brig (not the consumer cell) can change. #1 Read-only /workspace mount (MEDIUM-HIGH). Root cause was the SA cell yaml's missing `workspace_mount: /workspace` — default is `/work`, so writes to /workspace/* hit the read-only rootfs. Doc fix in troubleshooting.md spells out the three options (align cell yaml, align app, last-resort writable_rootfs) so the next consumer doesn't waste a debugging session. #3 Long-life cell pattern undocumented (MEDIUM). The `command: ["sleep", "infinity"]` workaround was buried in host-an-agent.md but not in troubleshooting. Added an explicit "Cell flips to stopped immediately" entry that calls it out, alongside the other common immediate-exit causes. #4 Cell logs empty for file-based loggers (LOW-MEDIUM). cmd_logs now detects the empty-output case (snapshot mode only — follow mode keeps TTY passthrough) and prints an inline hint pointing at `brig cell exec` / `brig cell read` for file-based logs. Plus a troubleshooting entry that explains the contract. #5 Telemetry domains blocked but non-fatal (LOW). Documented the three common ones aitelier hit (Datadog log shipping, mcp-proxy, platform.claude.com) with the agent's typical behavior and the allow/silence options. Not addressed: #2 Hermes cell entrypoint writes malformed config.yaml — this is a bug in ~/tools/hermes-agent/cells/hermes/entrypoint.sh, not brig itself. Flagged to the hermes team. Longer-term wishlist (per-cell credential rotation, inter-cell routing, cross-source audit query, nosymfollow) intentionally deferred — each needs its own design discussion. 940 pass + 10 skip. Ruff + mypy + ast green. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps actions/upload-artifact from 4.6.2 to 7.0.1.
Release notes
Sourced from actions/upload-artifact's releases.
... (truncated)
Commits
043fb46Merge pull request #797 from actions/yacaovsnc/update-dependency634250cInclude changes in typespec/ts-http-runtime 0.3.5e454baaReadme: bump all the example versions to v7 (#796)74fad66Update the readme with direct upload details (#795)bbbca2dSupport direct file uploads (#764)589182cUpgrade the module to ESM and bump dependencies (#762)47309c9Merge pull request #754 from actions/Link-/add-proxy-integration-tests02a8460Add proxy integration testb7c566aMerge pull request #745 from actions/upload-artifact-v6-releasee516bc8docs: correct description of Node.js 24 support in README