SECURITY-169-API-37: repair CI/runtime-freeze security guardrails#2919
Conversation
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 50bada975a
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| if [[ "$value" != "1" ]]; then | ||
| echo "Scale impact resolver attempted to disable required MBTI smoke checks." >&2 | ||
| exit 1 | ||
| fi |
There was a problem hiding this comment.
Fail closed when scale-impact command errors
This guard only rejects an explicit run_mbti_smoke=0. If scripts/ci/resolve_scale_impact.sh exits non-zero before emitting that key (for example because ci:scale-impact breaks in PHP/artisan), the command is still run through process substitution later in this step, so its status is not covered by the set -euo pipefail pipeline; the loop exits successfully and ci_verify_mbti.sh falls back to its default RUN_MBTI_SMOKE=1. In that failure mode, PRs can keep green CI while the scale-impact guardrail itself is broken instead of failing closed.
Useful? React with 👍 / 👎.
What changed
Why
Security acceptance gates must not be bypassed by path classification, environment overrides, destructive migration labels, or broad lookup-controller exemptions.
Validation
RUN_MBTI_SMOKE=0 bash backend/scripts/ci_verify_mbti.shrejected before test execution.bash backend/scripts/ci_verify_mbti.shpassed.php artisan route:list --no-ansi: 233 routes.git diff --checkpassed.Deferred items