feat(reviewer-workflow): add hard wall against reviewer mutations through alternate profile or CLI side-channel
This commit is contained in:
+24
-1
@@ -24,7 +24,7 @@ venv_python = os.path.join(PROJECT_ROOT, "venv", "bin", "python3")
|
||||
if os.path.exists(venv_python) and sys.executable != venv_python:
|
||||
os.execv(venv_python, [venv_python] + sys.argv)
|
||||
|
||||
from gitea_auth import get_auth_header, resolve_remote, add_remote_args, api_request, repo_api_url
|
||||
from gitea_auth import get_auth_header, resolve_remote, add_remote_args, api_request, repo_api_url, get_profile
|
||||
|
||||
|
||||
def main(argv=None):
|
||||
@@ -60,6 +60,29 @@ def main(argv=None):
|
||||
|
||||
host, org, repo = resolve_remote(args)
|
||||
|
||||
# ── Mutation Authority context wall check (Issue #194) ──
|
||||
LOCK_FILE = "/tmp/gitea_mutation_authority.lock"
|
||||
|
||||
if os.path.exists(LOCK_FILE):
|
||||
try:
|
||||
with open(LOCK_FILE, "r", encoding="utf-8") as f:
|
||||
lock_data = json.load(f)
|
||||
|
||||
# Resolve current CLI profile
|
||||
cli_profile = get_profile().get("profile_name")
|
||||
locked_profile = lock_data.get("current_profile")
|
||||
|
||||
if cli_profile != locked_profile:
|
||||
print(
|
||||
f"Mismatched active profile vs mutation profile (CLI override rejected): "
|
||||
f"CLI profile '{cli_profile}' does not match locked active profile '{locked_profile}' (fail closed)",
|
||||
file=sys.stderr
|
||||
)
|
||||
return 3
|
||||
except Exception as e:
|
||||
print(f"Mutation authority check failed: {e}", file=sys.stderr)
|
||||
return 3
|
||||
|
||||
body = args.body
|
||||
if args.body_file:
|
||||
if args.body_file == "-":
|
||||
|
||||
Reference in New Issue
Block a user