New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Lack of integrity verification of downloaded external dependencies #162
Comments
Hi Maciej 👋 You are correct that we download resources from GitHub to execute: danger-ruby-swiftlint/ext/swiftlint/Rakefile Lines 10 to 22 in 7736083
And you are correct that we could hardcode and md5 hash (for example) into our codebase to verify the integrity of SwiftLint. We haven't done so because it hasn't been a priority; we rely on HTTPS to provide reasonable-ish security. For a tool that runs on CI servers, this has been sufficient. That said, it would not be difficult to add an integrity check (and corresponding unit test). I'm going to leave this issue open in case anyone would like to add this. |
Add integrity validation when downloading Swiftlint (#162)
Fix "Rake aborted; Command failed with status 127" (#162)
Fix `Command failed with status 127` (#162)
Thank you. Much appreciated. |
Hey,
My name is Maciej Mensfeld and I run a research security project called diffend.io.
I've noticed, that this library downloads some external resources and uses them. While it's a totally common pattern, what is lacking here is integrity verification.
You could verify the integrity of the downloaded file before using it by comparing the file hash to a hardcoded, expected file hash.
This is essentially what package managers do to verify the integrity of downloaded packages.
Doing this would prevent attack scenarios in which
SwiftLint
is manipulated.Have a great day :)
The text was updated successfully, but these errors were encountered: