Add human-in-the-loop confirmation for risky package install scripts#348
Add human-in-the-loop confirmation for risky package install scripts#348lmajano wants to merge 1 commit into
Conversation
Package box.json scripts tied to install-lifecycle interception points (preInstall, onInstall, postInstall, etc.) are fired automatically and run arbitrary commands via shell.callCommand. Installing a third-party package could therefore silently execute attacker-controlled commands. This adds a yes/no confirmation before CommandBox auto-runs one of these install-lifecycle scripts, printing the exact commands first so the user can decline untrusted code. - PackageService.runScript gains an `automatic` flag; only interceptor- driven runs (PackageScripts.cfc) set it, so explicit `run-script` invocations are never prompted. - Gating applies only to install/uninstall lifecycle events, not benign high-frequency points (preCommand, prePrompt, etc.). - On by default. Non-interactive shells (CI/no TTY) deny by default unless trusted via config `scripts.trustInstallScriptsNonInteractive`, env var COMMANDBOX_TRUST_INSTALL_SCRIPTS, or `install --trustScripts`. - Master switch `scripts.confirmInstallScripts` (default true) can disable. Reuses shell.confirm() and shell.isTerminalInteractive(). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_015g9LPH1Ct6zP17DoDEsBUp
|
We don't make up random CommandBox env vars generally. We already have an existing system for overriding config settings. So I also don't understand the need for both The Also, all of this needs sent to the |
bdw429s
left a comment
There was a problem hiding this comment.
stupid GitHub won't let me submit this dumb form without a comment
Package box.json scripts tied to install-lifecycle interception points
(preInstall, onInstall, postInstall, etc.) are fired automatically and
run arbitrary commands via shell.callCommand. Installing a third-party
package could therefore silently execute attacker-controlled commands.
This adds a yes/no confirmation before CommandBox auto-runs one of these
install-lifecycle scripts, printing the exact commands first so the user
can decline untrusted code.
automaticflag; only interceptor-driven runs (PackageScripts.cfc) set it, so explicit
run-scriptinvocations are never prompted.
high-frequency points (preCommand, prePrompt, etc.).
trusted via config
scripts.trustInstallScriptsNonInteractive, env varCOMMANDBOX_TRUST_INSTALL_SCRIPTS, or
install --trustScripts.scripts.confirmInstallScripts(default true) can disable.Reuses shell.confirm() and shell.isTerminalInteractive().