fix(danger): harden extra-install-packages against host-shell interpolation (#169)

vaind · claude · web-flow · commit c802283cd907 · 2026-05-19T13:39:03.000+02:00
* fix(danger): harden extra-install-packages against host-shell interpolation The package list was interpolated by the host shell into the `docker exec ... sh -c "..."` command string. Although the upstream "Validate package names" step already rejects shell metacharacters, building the command string on the host is the exact pattern #152 (VULN-1100) set out to eliminate everywhere. Pass the value into the container via `docker exec -e` and expand it inside a single-quoted `sh -c` body so neither the host shell nor GitHub Actions expression evaluation ever constructs the command string. Behavior is unchanged for valid inputs (covered by the existing extra-packages-test CI job). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * docs(changelog): add PR number to unreleased entry Danger requires the changelog entry to reference the PR number. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # Changelog
 
+## Unreleased
+
+### Fixes
+
+- Danger - Harden `extra-install-packages` handling: pass the package list into the container via env var instead of host-shell string interpolation (defense in depth) ([#169](https://github.com/getsentry/github-workflows/pull/169))
+
 ## 3.4.0
 
 ### Features
diff --git a/danger/action.yml b/danger/action.yml
@@ -88,7 +88,11 @@ runs:
         EXTRA_INSTALL_PACKAGES: ${{ inputs.extra-install-packages }}
       run: |
         echo "Installing packages: $EXTRA_INSTALL_PACKAGES"
-        docker exec --user root danger sh -c "set -e && apt-get update && apt-get install -y --no-install-recommends $EXTRA_INSTALL_PACKAGES"
+        # Pass the (already-validated) package list into the container via env var and
+        # let the container's shell expand it. Single quotes prevent the host shell
+        # from interpolating the value into the command string (defense in depth).
+        docker exec --user root -e EXTRA_INSTALL_PACKAGES danger \
+          sh -c 'set -e && apt-get update && apt-get install -y --no-install-recommends $EXTRA_INSTALL_PACKAGES'
         echo "All additional packages installed successfully."
 
     - name: Run DangerJS
