From c6be468980acd2ea67d3952ac5459a9561866b79 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 19 Feb 2026 22:09:04 +0000
Subject: [PATCH 1/2] Initial plan


From cfa5be87aa3197256f6d846154120b70ac00b14a Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 19 Feb 2026 22:13:07 +0000
Subject: [PATCH 2/2] fix: lowercase token before denylist comparison to block
 mixed-case flag bypass

Co-authored-by: pmalarme <686568+pmalarme@users.noreply.github.com>
---
 .github/actions/setup-python-env/action.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/actions/setup-python-env/action.yml b/.github/actions/setup-python-env/action.yml
index 9455985..9e47d3c 100644
--- a/.github/actions/setup-python-env/action.yml
+++ b/.github/actions/setup-python-env/action.yml
@@ -39,7 +39,9 @@ runs:
           # NOTE: '--' (end-of-options marker) is intentionally allowed; positional args would fail validation.
           for arg in $EXTRA_ARGS; do
             # Denylist: block flags that could redirect dependency resolution to an attacker-controlled index.
-            if [[ "$arg" =~ ^--(index-url|extra-index-url|trusted-host|find-links)(=|$) ]]; then
+            # Lowercase the token before comparison so mixed-case variants (e.g. --Index-Url) are also blocked.
+            arg_lower="${arg,,}"
+            if [[ "$arg_lower" =~ ^--(index-url|extra-index-url|trusted-host|find-links)(=|$) ]]; then
               echo "::error::Blocked dangerous extra-args token: '$arg'. Registry overrides are not permitted." >&2
               exit 1
             fi