wip: safeguards

Author: joeyparrish

.github/workflows/update-screenshots.yaml

@@ -77,6 +77,7 @@ jobs:
       - uses: actions/checkout@v4
         with:
           ref: ${{ needs.compute-sha.outputs.SHA }}
+          fetch-depth: 0
           persist-credentials: false
 
       - name: Get artifacts
@@ -93,6 +94,17 @@ jobs:
 
       - name: Update screenshots
         run: |
+          # NPM packages and the image update scripts could all be modified by
+          # an attacker to inject code into this step of the workflow.  Use
+          # copies of those files from the main branch as a safeguard.  Up to
+          # now, nothing controlled by the PR author has been executed.
+          git restore --source origin/main -- \
+              package-lock.json \
+              package.json \
+              build/shakaBuildHelpers.py \
+              build/updateScreenshots.py \
+              build/imageSimilarity.js
+
           # Install prerequisites.
           npm ci
 
@@ -104,7 +116,8 @@ jobs:
           git config user.name "shaka-bot"
           git config user.email "[email protected]"
 
-          # Commit the changes.  Ignore failure, in case there are no changes.
+          # Commit the changes to the screenshots only.  Ignore failure, in
+          # case there are no changes.
           git add test/test/assets/screenshots/*/*.png || true
           git commit -m ':robot: Update all screenshots' || true
 
@@ -113,6 +126,8 @@ jobs:
           GH_TOKEN: ${{ github.token }}
         run: |
           # Update the PR.
+
+          # Compute the destination for the push.
           PR_API_URL="/repos/${{ github.repository }}/pulls/${{ inputs.pr }}"
           REMOTE=$(gh api $PR_API_URL | jq -r .head.repo.html_url)
           BRANCH=$(gh api $PR_API_URL | jq -r .head.ref)