Pypi#13
Conversation
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 16ac47f. Configure here.
| --dir dist | ||
| gh release download "${{ inputs.tag }}" \ | ||
| --pattern 'quicknode_sdk-*.tar.gz' \ | ||
| --dir dist |
There was a problem hiding this comment.
Script injection via unsanitized workflow input in shell
High Severity
${{ inputs.tag }} is directly interpolated into shell run commands, which is a well-known GitHub Actions script injection vulnerability. A user with write access could supply a crafted tag value (e.g., containing "; malicious-command #) that breaks out of the double quotes and executes arbitrary commands. Since this job later runs twine upload with access to PYPI_API_TOKEN, injected code could tamper with the dist/ contents before upload, enabling a supply chain attack on PyPI. The safe fix is to pass the input via an environment variable (env: TAG: ${{ inputs.tag }}) and reference "$TAG" in the shell.
Reviewed by Cursor Bugbot for commit 16ac47f. Configure here.


Note
Medium Risk
Moderate risk because it changes packaging identifiers/metadata (name, version, Python support range) and introduces a new release workflow that can publish artifacts to PyPI if misconfigured.
Overview
Adds a new manual GitHub Actions workflow (
publish-pypi.yml) to publish the Python wheels and sdist from a GitHub Release tag to PyPI usingtwine, including a guard that verifies the expected artifact counts before upload.Renames the Python package from
sdktoquicknode-sdk, bumps the version to0.1.0a6, raisesrequires-pythonto>=3.11, and fills out PyPI metadata (authors, keywords, classifiers, and project URLs) acrosspyproject.toml,crates/python/pyproject.toml, anduv.lock.Reviewed by Cursor Bugbot for commit 16ac47f. Bugbot is set up for automated code reviews on this repo. Configure here.