Skip to content

fix: bridge Action inputs to process.env for privacy guard validation#8

Merged
rxolve merged 2 commits intomainfrom
dev
Mar 1, 2026
Merged

fix: bridge Action inputs to process.env for privacy guard validation#8
rxolve merged 2 commits intomainfrom
dev

Conversation

@rxolve
Copy link
Copy Markdown
Collaborator

@rxolve rxolve commented Mar 1, 2026

GitHub Actions maps with: inputs to INPUT_* prefixed env vars, but review-engine's privacyGuard.validateEnvironment() checks process.env directly. Set ANTHROPIC_API_KEY and GITHUB_TOKEN on process.env after reading them via core.getInput().

@rxolve @claude
fix: bridge Action inputs to process.env for privacy guard validation
46051e2 
GitHub Actions maps `with:` inputs to INPUT_* prefixed env vars,
but review-engine's privacyGuard.validateEnvironment() checks
process.env directly. Set ANTHROPIC_API_KEY and GITHUB_TOKEN on
process.env after reading them via core.getInput().

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@rxolve rxolve self-assigned this Mar 1, 2026
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Mar 1, 2026

🤖 Dialectic PR Review

Framework: vanilla
Strategy: small
Files Reviewed: 1

Summary

The change introduces a security concern by exposing sensitive credentials to the global process environment. While functionally correct for bridging GitHub Actions inputs to review-engine expectations, it creates unnecessary security exposure and tight coupling that should be addressed.

Issues

🔐 Environment variable pollution with sensitive data

File: src/action.ts (Line 13)
Type: security
Confidence: high

Setting ANTHROPIC_API_KEY and GITHUB_TOKEN directly on process.env exposes sensitive credentials to all child processes and modules. This creates a security risk where any dependency or spawned process can access these tokens.

Suggestion:

Pass credentials as parameters to review-engine instead of polluting process.env. If review-engine requires env vars, consider using a more secure approach like temporary env scoping or credential injection at the module boundary.

🔧 Tight coupling between GitHub Actions and review-engine

File: src/action.ts (Line 13)
Type: maintainability
Confidence: medium

The code creates a bridge between GitHub Actions input format and review-engine's expected environment variables. This coupling makes the code harder to test and maintain, as it assumes specific environment variable names.

Suggestion:

Consider refactoring review-engine to accept credentials as parameters, or create a dedicated configuration object that can be passed to review-engine without modifying global state.

Metadata

  • Tokens Used: 887
  • Duration: 8.82s

Powered by Dialectic PR Review

@rxolve @claude
fix: remove process.env pollution — pass credentials via parameters only
eb13672 
review-engine already receives credentials as options parameters, so
the process.env validation was redundant. Remove validateEnvironment()
from review-engine (CLI already validates via getEnvOrThrow), remove
the process.env bridge hack from action.ts, and delete the now-unused
validateEnvironment() method from PrivacyGuard.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@rxolve rxolve merged commit f538d07 into main Mar 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@rxolve rxolve

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@rxolve