
Add installation_audit.py

ab196ff
Closed

Add audit script for gitstream-cm[bot] installation token activity #514

LinearB / lb/linearb_ai_review succeeded Apr 4, 2026 in 2m 44s

Code review added

✨ PR Review

Agentic review
The gitstream bot audit script carries meaningful risk in three areas—hardcoded time windows requiring manual code edits, falsy-zero timestamp logic that silently picks wrong dates, and credential exposure in process lists—and needs a pass before merge.

3 issues detected:

🧹 Maintainability - Hardcoded Time Window Requires Code Edit Per Run

Details: Lines 22–23 hardcode TIME_FROM and TIME_TO to fixed dates (2026-03-30 and 2026-04-04), requiring code edits every time you need to audit a different time window. Since the script is designed for repeated audits over varying periods, add CLI arguments or environment variables to make the time window configurable without modifying source code.
File: installation_audit.py (22-23)

🐞 Bug - Falsy Integer 0 Causes Wrong Timestamp Fallback

Details: At line 73 in installation_audit.py, using entry.get("@timestamp") or entry.get("created_at", 0) incorrectly treats a falsy @timestamp of 0 as missing. If @timestamp equals 0 (Unix epoch), the code falls back to created_at, and if that's also absent, ts becomes 0, causing parse_ts to return 1970-01-01 UTC. This triggers an early pagination exit, silently dropping all remaining audit events in the requested time window. Use explicit None checks like entry.get("@timestamp") if entry.get("@timestamp") is not None else entry.get("created_at", 0) to preserve valid falsy timestamps.
File: installation_audit.py (73-73)

🔒 Security - PAT Token Exposed in Process List and Shell History

Details: The GitHub PAT is passed as a plain-text CLI argument at line 114, making it visible to all users via ps aux during execution and permanently storing it in shell history files like ~/.bash_history. This exposes a credential with admin:org and read:audit_log scopes, granting broad organizational access. Use environment variables or secure credential managers instead of command-line arguments to prevent this leak.
File: installation_audit.py (114-114)

Generated by LinearB AI and added by gitStream.
AI-generated content may contain inaccuracies. Please verify before using.
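The example below is added here and is not the PR's installation_audit.py (which is not shown on this page). It illustrates the three review points with stand-ins: a configurable --from/--to window instead of hardcoded TIME_FROM/TIME_TO, the PAT read from an environment variable instead of argv, and timestamp selection that distinguishes a missing field from a zero value. parse_ts, the epoch-millisecond format of @timestamp/created_at, the newest-first page order, and the sample entries are all assumptions for the demo. It goes a little beyond the review's suggested expression: pick_ts_strict raises on an entry with no timestamp, and collect_in_window skips such entries instead of feeding a sentinel 0 into the stop condition, so the early pagination exit the review describes cannot happen.

```python
"""Added example, not the PR's script: window from CLI, token from env,
timestamp selection that does not rely on `or` for fallbacks."""
import argparse
import os
from datetime import datetime, timedelta, timezone

# Assumption: audit entries carry epoch-millisecond ints in "@timestamp" and
# "created_at" (consistent with the review's parse_ts(0) -> 1970-01-01 UTC).
EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)


def parse_ts(ts_ms):
    """Epoch milliseconds -> aware UTC datetime (stand-in for the script's parse_ts)."""
    return EPOCH + timedelta(milliseconds=int(ts_ms))


def pick_ts_buggy(entry):
    # `or` treats 0 as missing, so an epoch-0 @timestamp is replaced by created_at.
    return entry.get("@timestamp") or entry.get("created_at", 0)


def pick_ts_explicit(entry):
    # The review's suggested form: only None counts as missing, 0 is kept.
    ts = entry.get("@timestamp")
    return ts if ts is not None else entry.get("created_at", 0)


def pick_ts_strict(entry):
    """Stricter variant (my choice): never default to 0, report a missing timestamp."""
    for key in ("@timestamp", "created_at"):
        if entry.get(key) is not None:
            return entry[key]
    raise ValueError("audit entry has no timestamp: %r" % (entry,))


def collect_in_window(pages, window_from, window_to, pick=pick_ts_strict):
    """Walk newest-first pages and stop once an event predates window_from.

    Entries without a usable timestamp are skipped and counted; they never reach
    the stop condition, so a defaulted 0 cannot end pagination early.
    Returns (kept_entries, skipped_count).
    """
    kept, skipped = [], 0
    for page in pages:
        for entry in page:
            try:
                when = parse_ts(pick(entry))
            except ValueError:
                skipped += 1
                continue
            if when < window_from:
                return kept, skipped  # newest-first: everything after this is older
            if when < window_to:
                kept.append(entry)
    return kept, skipped


def load_token(env_var="GITHUB_TOKEN", environ=None):
    """Read the PAT from the environment so it never appears in ps output or shell history."""
    environ = os.environ if environ is None else environ
    token = environ.get(env_var)
    if not token:
        raise SystemExit("set %s instead of passing the token as an argument" % env_var)
    return token


def parse_window(argv):
    """--from/--to as YYYY-MM-DD (UTC); --to is inclusive, returned as an exclusive bound."""
    p = argparse.ArgumentParser()
    p.add_argument("--from", dest="time_from", required=True)
    p.add_argument("--to", dest="time_to", required=True)
    a = p.parse_args(argv)
    start = datetime.strptime(a.time_from, "%Y-%m-%d").replace(tzinfo=timezone.utc)
    end = datetime.strptime(a.time_to, "%Y-%m-%d").replace(tzinfo=timezone.utc) + timedelta(days=1)
    if end <= start:
        p.error("--to must not be before --from")
    return start, end


# Constructed sample pages (newest first); not real audit-log data.
SAMPLE_PAGES = [
    [
        {"@timestamp": 1775000000000, "action": "sample.in_window"},   # 2026-03-31
        {"action": "sample.no_timestamp"},                             # no ts at all
    ],
    [
        {"@timestamp": 1774850000000, "action": "sample.in_window_2"}, # 2026-03-30
        {"@timestamp": 1774700000000, "action": "sample.before"},      # 2026-03-28
    ],
]

if __name__ == "__main__":
    start, end = parse_window(["--from", "2026-03-30", "--to", "2026-04-04"])
    kept, skipped = collect_in_window(SAMPLE_PAGES, start, end)
    print("%d events kept, %d skipped for missing timestamp" % (len(kept), skipped))
```

Run with the window on the command line and GITHUB_TOKEN exported in the environment; with the default strict picker the no-timestamp entry is skipped and both in-window events are collected, whereas passing pick=pick_ts_buggy turns that entry into epoch 0 and stops the walk after the first event.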