From 45166d121896f2b13eaca5673f77e0b8f9d71721 Mon Sep 17 00:00:00 2001 From: AICtrl Bot Date: Mon, 2 Mar 2026 14:52:47 +0000 Subject: [PATCH 1/6] fix: patch xml2js prototype pollution, route OpenCode review through hush MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Add npm override for xml2js ^0.6.2 (fixes Dependabot alert #1, prototype pollution in transitive dep blessed-contrib → map-canvas → xml2js) - Integrate hush@0.1.7 into the OpenCode AI review workflow: install and start the hush gateway on :4000, copy the hush plugin, configure opencode.json to route API calls through the proxy. Defense-in-depth: plugin blocks sensitive file reads, proxy redacts PII from normal file content before it reaches the model. Co-Authored-By: Claude Opus 4.6 --- .github/workflows/opencode-review.yml | 31 +++++++++++++++++++++++---- package-lock.json | 10 ++++----- package.json | 3 +++ 3 files changed, 35 insertions(+), 9 deletions(-) diff --git a/.github/workflows/opencode-review.yml b/.github/workflows/opencode-review.yml index b032395..1ca0308 100644 --- a/.github/workflows/opencode-review.yml +++ b/.github/workflows/opencode-review.yml 
@@ -69,16 +69,39 @@ jobs: echo "skip=false" >> $GITHUB_OUTPUT fi + - name: Setup Node.js + if: steps.check_changes.outputs.skip != 'true' + uses: actions/setup-node@v4 + with: + node-version: 22 + + - name: Start Hush Gateway + if: steps.check_changes.outputs.skip != 'true' + run: | + npm install -g @aictrl/hush@0.1.7 + PORT=4000 HUSH_HOST=127.0.0.1 hush & + # Wait for gateway to be ready + for i in $(seq 1 20); do + curl -sf http://127.0.0.1:4000/health > /dev/null 2>&1 && break + sleep 0.5 + done + echo "Hush gateway running on :4000" + - name: Setup OpenCode if: steps.check_changes.outputs.skip != 'true' env: ZHIPU_API_KEY: ${{ secrets.ZHIPUAI_API_KEY }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - # Use GITHUB_TOKEN to avoid rate limits when fetching version info + # Install OpenCode curl -fsSL https://opencode.ai/install | bash -s -- --no-modify-path echo "$HOME/.opencode/bin" >> $GITHUB_PATH + # Configure OpenCode to route through hush proxy + hush plugin + mkdir -p .opencode/plugins + cp examples/team-config/.opencode/plugins/hush.ts .opencode/plugins/hush.ts + printf '%s\n' '{"provider":{"zai-coding-plan":{"options":{"baseURL":"http://127.0.0.1:4000/api/coding/paas/v4"}}},"plugin":[".opencode/plugins/hush.ts"]}' > opencode.json + - name: Direct OpenCode Review if: steps.check_changes.outputs.skip != 'true' env: @@ -87,7 +110,7 @@ jobs: run: | SHA=${{ github.event.pull_request.head.sha || github.sha }} echo "Starting review with GLM-5 for SHA $SHA..." - + $HOME/.opencode/bin/opencode run --model zai-coding-plan/glm-5 "Review the changes in this PR for the Hush Semantic Gateway. Focus areas: 
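Review bot: In the Setup OpenCode step, `cp examples/team-config/.opencode/plugins/hush.ts .opencode/plugins/hush.ts` takes the plugin that is meant to block sensitive file reads from the working tree. If the job checks out the pull request head (the checkout step is outside this hunk), a PR can edit the guard that constrains its own review. Sourcing the plugin from a trusted ref, for example a separate checkout of the base branch, would keep that control out of the reviewed change. The same step still has `ZHIPU_API_KEY` in `env` while it pipes `https://opencode.ai/install` into bash; none of the step's visible commands read the key, so it could be dropped here and kept only on the review step. As a style point, `actions/setup-node@v4` could be pinned to a full commit SHA.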
@@ -95,7 +118,7 @@ jobs: 2. **Streaming Integrity**: Check that the SSE/streaming proxy logic doesn't buffer unnecessarily or break the rehydration flow. 3. **Security**: Look for potential PII leaks or insecure token handling in the vault. 4. **Reliability**: Ensure the proxy handles upstream errors gracefully. - + Keep the summary concise but technical. Post findings as a markdown comment on the PR. - + **CRITICAL**: Include the string 'Reviewed SHA: $SHA' at the very end of your comment so I can track which commits have been reviewed." diff --git a/package-lock.json b/package-lock.json index 66b2e35..7db1326 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "@aictrl/hush", - "version": "0.1.6", + "version": "0.1.7", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "@aictrl/hush", - "version": "0.1.6", + "version": "0.1.7", "license": "Apache-2.0", "dependencies": { "@modelcontextprotocol/sdk": "^1.27.1", @@ -4197,9 +4197,9 @@ } }, "node_modules/xml2js": { - "version": "0.4.23", - "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.4.23.tgz", - "integrity": "sha512-ySPiMjM0+pLDftHgXY4By0uswI3SPKLDw/i3UXbnO8M/p28zqexCUoPmQFrYD+/1BzhGJSs2i1ERWKJAtiLrug==", + "version": "0.6.2", + "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz", + "integrity": "sha512-T4rieHaC1EXcES0Kxxj4JWgaUQHDk+qwHcYOCFHfiwKz7tOVPLq7Hjq9dM1WCMhylqMEfP7hMcOIChvotiZegA==", "license": "MIT", "dependencies": { "sax": ">=0.6.0", diff --git a/package.json b/package.json index e5a2d73..166353d 100644 --- a/package.json +++ b/package.json @@ -52,6 +52,9 @@ "pino": "^10.3.1", "pino-pretty": "^13.1.3" }, + "overrides": { + "xml2js": "^0.6.2" + }, "devDependencies": { "@types/blessed": "^0.1.27", "@types/cors": "^2.8.19", From 534ecc79d926477fcbda224d5590e177aeb15135 Mon Sep 17 00:00:00 2001 
From: AICtrl Bot Date: Mon, 2 Mar 2026 15:05:06 +0000 Subject: [PATCH 2/6] fix: use global npm bin path for hush in CI review workflow Running bare `hush` in the repo checkout resolves to the local package.json bin entry (dist/cli.js) which doesn't exist in CI since this workflow doesn't build. Use $(npm prefix -g)/bin/hush to reliably invoke the globally-installed binary. Also adds a health-check with ::error:: annotation so the job fails fast with a clear message if the gateway doesn't start. Co-Authored-By: Claude Opus 4.6 --- .github/workflows/opencode-review.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/opencode-review.yml b/.github/workflows/opencode-review.yml index 1ca0308..7536b76 100644 --- a/.github/workflows/opencode-review.yml +++ b/.github/workflows/opencode-review.yml @@ -79,12 +79,14 @@ jobs: if: steps.check_changes.outputs.skip != 'true' run: | npm install -g @aictrl/hush@0.1.7 - PORT=4000 HUSH_HOST=127.0.0.1 hush & + HUSH_BIN="$(npm prefix -g)/bin/hush" + PORT=4000 HUSH_HOST=127.0.0.1 "$HUSH_BIN" & # Wait for gateway to be ready for i in $(seq 1 20); do curl -sf http://127.0.0.1:4000/health > /dev/null 2>&1 && break sleep 0.5 done + curl -sf http://127.0.0.1:4000/health || { echo "::error::Hush gateway failed to start"; exit 1; } echo "Hush gateway running on :4000" - name: Setup OpenCode From 60b0940ff647179073ddace4a1532d4cb4cebd09 Mon Sep 17 00:00:00 2001 From: AICtrl Bot Date: Mon, 2 Mar 2026 16:03:17 +0000 Subject: [PATCH 3/6] fix: add 10m timeout and debug logging to OpenCode review step Co-Authored-By: Claude Opus 4.6 --- .github/workflows/opencode-review.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/opencode-review.yml b/.github/workflows/opencode-review.yml index 7536b76..bf68912 100644 --- a/.github/workflows/opencode-review.yml +++ b/.github/workflows/opencode-review.yml 
@@ -106,12 +106,15 @@ jobs: - name: Direct OpenCode Review if: steps.check_changes.outputs.skip != 'true' + timeout-minutes: 10 env: ZHIPU_API_KEY: ${{ secrets.ZHIPUAI_API_KEY }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | SHA=${{ github.event.pull_request.head.sha || github.sha }} echo "Starting review with GLM-5 for SHA $SHA..." + echo "opencode.json:"; cat opencode.json + echo "Hush health:"; curl -sf http://127.0.0.1:4000/health || echo "gateway unreachable" $HOME/.opencode/bin/opencode run --model zai-coding-plan/glm-5 "Review the changes in this PR for the Hush Semantic Gateway. From b50a99ee59da34d389e4c7c132d5cdd47a862cfd Mon Sep 17 00:00:00 2001 From: AICtrl Bot Date: Mon, 2 Mar 2026 16:15:44 +0000 Subject: [PATCH 4/6] fix: bump OpenCode review timeout to 15m (was timing out mid-review) Co-Authored-By: Claude Opus 4.6 --- .github/workflows/opencode-review.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/opencode-review.yml b/.github/workflows/opencode-review.yml index bf68912..a1cb55f 100644 --- a/.github/workflows/opencode-review.yml +++ b/.github/workflows/opencode-review.yml @@ -106,7 +106,7 @@ jobs: - name: Direct OpenCode Review if: steps.check_changes.outputs.skip != 'true' - timeout-minutes: 10 + timeout-minutes: 15 env: ZHIPU_API_KEY: ${{ secrets.ZHIPUAI_API_KEY }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 25befab6ee330ef2cc1332a6918fde1074bf3954 Mon Sep 17 00:00:00 2001 From: AICtrl Bot Date: Mon, 2 Mar 2026 16:28:32 +0000 Subject: [PATCH 5/6] fix: add build step to review workflow so tests pass when OpenCode runs them Co-Authored-By: Claude Opus 4.6 --- .github/workflows/opencode-review.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/opencode-review.yml b/.github/workflows/opencode-review.yml index a1cb55f..2eaa1a7 100644 --- a/.github/workflows/opencode-review.yml +++ b/.github/workflows/opencode-review.yml 
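Review bot: The added probe `curl -sf http://127.0.0.1:4000/health || echo "gateway unreachable"` only logs, so if the gateway has died since the Start Hush Gateway step, the review still launches against a dead proxy and may run until `timeout-minutes` expires. Failing the step here would match the check patch 2/6 added: `curl -sf http://127.0.0.1:4000/health > /dev/null || { echo "::error::Hush gateway unreachable"; exit 1; }`. `cat opencode.json` is harmless with the file as patch 1/6 writes it (base URL and plugin path only). A comment such as `# opencode.json is printed to the job log; never put credentials in it` would stop a later edit from leaking a key. The step's `run` block continues past the end of this hunk.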
@@ -89,6 +89,10 @@ jobs: curl -sf http://127.0.0.1:4000/health || { echo "::error::Hush gateway failed to start"; exit 1; } echo "Hush gateway running on :4000" + - name: Build project + if: steps.check_changes.outputs.skip != 'true' + run: npm ci && npm run build + - name: Setup OpenCode if: steps.check_changes.outputs.skip != 'true' env: From f43c082828e068dbf1ca1392a6eaae22161b41fe Mon Sep 17 00:00:00 2001 From: AICtrl Bot Date: Mon, 2 Mar 2026 16:29:45 +0000 Subject: [PATCH 6/6] fix: tell OpenCode reviewer not to run tests, just read code and post comment Co-Authored-By: Claude Opus 4.6 --- .github/workflows/opencode-review.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/opencode-review.yml b/.github/workflows/opencode-review.yml index 2eaa1a7..71223af 100644 --- a/.github/workflows/opencode-review.yml +++ b/.github/workflows/opencode-review.yml @@ -122,12 +122,14 @@ jobs: $HOME/.opencode/bin/opencode run --model zai-coding-plan/glm-5 "Review the changes in this PR for the Hush Semantic Gateway. + **IMPORTANT**: This is a code review only. Do NOT run tests, npm commands, or build commands. Only read source files and git diffs. + Focus areas: 1. **Redaction Logic**: Ensure PII patterns are robust and handle edge cases in tool outputs (like JSON or CLI tables). 2. **Streaming Integrity**: Check that the SSE/streaming proxy logic doesn't buffer unnecessarily or break the rehydration flow. 3. **Security**: Look for potential PII leaks or insecure token handling in the vault. 4. **Reliability**: Ensure the proxy handles upstream errors gracefully. - Keep the summary concise but technical. Post findings as a markdown comment on the PR. + Keep the summary concise but technical. Post findings as a single markdown comment on the PR using gh pr comment, then stop. **CRITICAL**: Include the string 'Reviewed SHA: $SHA' at the very end of your comment so I can track which commits have been reviewed."
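Review bot: The new Build project step runs `npm ci && npm run build`, which executes dependency install scripts and the repository's build script from the checked-out tree, ahead of the steps that receive `ZHIPU_API_KEY` and `GITHUB_TOKEN`. Step `env` is not shared, but a build script can still influence later steps through the workspace, `$GITHUB_ENV` or `$GITHUB_PATH`. Whether that tree is PR-controlled depends on the trigger and checkout ref, which are outside this hunk, so this is a risk to confirm rather than a confirmed defect. Patch 6/6 then tells the reviewer not to run tests or builds, which removes the stated reason for this step. Dropping it, or at least using `npm ci --ignore-scripts`, would reduce the code that runs before the secret-bearing steps.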
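Review bot: The added prompt line `**IMPORTANT**: This is a code review only. Do NOT run tests, npm commands, or build commands.` is a request to the model, not a control, because the agent reads diff content written by the PR author and that content can contradict the prompt. The restriction should be enforced where the model cannot override it: through OpenCode's permission settings in the `opencode.json` that patch 1/6 generates, and through a minimal `permissions:` block on the job (the job header is outside this hunk, so one may already exist). Because the prompt now relies on `gh pr comment`, shell access cannot be denied outright; an allow-list limited to that command is the shape to aim for, if the permission settings support it. As a smaller point, the prompt is a double-quoted shell string, so a comment above the `opencode run` line such as `# only $SHA may be interpolated into this prompt` would help future editors.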