From 10b9adb010a666401fd21507a30f935ead4f6ccd Mon Sep 17 00:00:00 2001 From: Shakker Date: Wed, 29 Apr 2026 19:40:56 +0100 Subject: [PATCH] fix: trust-gate manifest auth evidence --- src/secrets/provider-env-vars.dynamic.test.ts | 77 ++++++++++++++++++- src/secrets/provider-env-vars.ts | 14 +++- 2 files changed, 88 insertions(+), 3 deletions(-) diff --git a/src/secrets/provider-env-vars.dynamic.test.ts b/src/secrets/provider-env-vars.dynamic.test.ts index 954ea1b5d1a..dcc05677c8e 100644 --- a/src/secrets/provider-env-vars.dynamic.test.ts +++ b/src/secrets/provider-env-vars.dynamic.test.ts @@ -36,7 +36,7 @@ type MockManifestRegistry = { }; const pluginRegistryMocks = vi.hoisted(() => { - const loadManifestRegistry = vi.fn<() => MockManifestRegistry>(() => ({ + const loadManifestRegistry = vi.fn<(...args: unknown[]) => MockManifestRegistry>(() => ({ plugins: [], diagnostics: [], })); @@ -153,6 +153,81 @@ describe("provider env vars dynamic manifest metadata", () => { source: "external cloud credentials", }, ]); + expect( + pluginRegistryMocks.loadPluginManifestRegistryForPluginRegistry.mock.calls.at(-1)?.[0], + ).toMatchObject({ includeDisabled: false }); + }); + + it("excludes untrusted workspace plugin auth evidence by default", async () => { + pluginRegistryMocks.loadPluginManifestRegistryForPluginRegistry.mockReturnValue({ + plugins: [ + { + id: "workspace-cloud", + origin: "workspace", + setup: { + providers: [ + { + id: "workspace-cloud", + authEvidence: [ + { + type: "local-file-with-env", + fileEnvVar: "WORKSPACE_CLOUD_CREDENTIALS", + credentialMarker: "workspace-cloud-local-credentials", + }, + ], + }, + ], + }, + }, + ], + diagnostics: [], + }); + + expect( + resolveProviderAuthEvidence({ config: { plugins: {} } })["workspace-cloud"], + ).toBeUndefined(); + }); + + it("keeps explicitly trusted workspace plugin auth evidence", async () => { + pluginRegistryMocks.loadPluginManifestRegistryForPluginRegistry.mockReturnValue({ + plugins: [ + { + id: "workspace-cloud", + origin: "workspace", + setup: { + providers: [ + { + id: "workspace-cloud", + authEvidence: [ + { + type: "local-file-with-env", + fileEnvVar: "WORKSPACE_CLOUD_CREDENTIALS", + credentialMarker: "workspace-cloud-local-credentials", + }, + ], + }, + ], + }, + }, + ], + diagnostics: [], + }); + + expect( + resolveProviderAuthEvidence({ + config: { + plugins: { + allow: ["workspace-cloud"], + }, + }, + })["workspace-cloud"], + ).toEqual([ + { + type: "local-file-with-env", + fileEnvVar: "WORKSPACE_CLOUD_CREDENTIALS", + credentialMarker: "workspace-cloud-local-credentials", + }, + ]); }); it("appends setup provider env vars after explicit provider auth env vars", async () => { diff --git a/src/secrets/provider-env-vars.ts b/src/secrets/provider-env-vars.ts index af899cd4bb0..bb353def006 100644 --- a/src/secrets/provider-env-vars.ts +++ b/src/secrets/provider-env-vars.ts @@ -62,6 +62,16 @@ function shouldUsePluginProviderEnvVars( return isWorkspacePluginTrustedForProviderEnvVars(plugin, params?.config); } +function shouldUsePluginProviderAuthEvidence( + plugin: PluginManifestRecord, + params: ProviderEnvVarLookupParams | undefined, +): boolean { + if (plugin.origin !== "workspace") { + return true; + } + return isWorkspacePluginTrustedForProviderEnvVars(plugin, params?.config); +} + function appendUniqueEnvVarCandidates( target: Record, providerId: string, @@ -150,11 +160,11 @@ function resolveManifestProviderAuthEvidence( workspaceDir: params?.workspaceDir, env: params?.env, preferPersisted: false, - includeDisabled: true, + includeDisabled: false, }); const evidenceByProvider: Record = {}; for (const plugin of registry.plugins) { - if (!shouldUsePluginProviderEnvVars(plugin, params)) { + if (!shouldUsePluginProviderAuthEvidence(plugin, params)) { continue; } for (const provider of plugin.setup?.providers ?? []) {