fix: validate reviewAgentLogPath to prevent path injection (#1134)

* fix: validate reviewAgentLogPath to prevent path injection

Add path validation to invokeDiffReviewLlm to ensure the log path
stays within the expected DATA_CACHE_DIR/review-agent directory.
This addresses CodeQL alert #19 (js/path-injection) by resolving
the path and verifying it does not escape the log directory.

The validation is performed before each fs.appendFileSync call
to prevent path traversal attacks even if the call chain changes
in the future.

Co-authored-by: Michael Sukkarieh <msukkari@users.noreply.github.com>

* chore: add CHANGELOG entry for path injection fix

Co-authored-by: Michael Sukkarieh <msukkari@users.noreply.github.com>

* refactor: share REVIEW_AGENT_LOG_DIR constant between app.ts and invokeDiffReviewLlm.ts

Export the log directory constant from invokeDiffReviewLlm.ts and
import it in app.ts to ensure a single source of truth for the
review agent log directory path.

Co-authored-by: Michael Sukkarieh <msukkari@users.noreply.github.com>

* docs: add guidance to link PRs to Linear issues in PR description

Co-authored-by: Michael Sukkarieh <msukkari@users.noreply.github.com>

* fix: use lazy evaluation for REVIEW_AGENT_LOG_DIR to fix build

Change REVIEW_AGENT_LOG_DIR from a top-level constant to a
getReviewAgentLogDir() function to avoid evaluating env.DATA_CACHE_DIR
at module load time, which fails during Next.js build when
environment variables are not yet available.

Co-authored-by: Michael Sukkarieh <msukkari@users.noreply.github.com>

* docs: add requirement to run tests and build before pushing

Co-authored-by: Michael Sukkarieh <msukkari@users.noreply.github.com>

* Revert "docs: add requirement to run tests and build before pushing"

This reverts commit 476081e.

---------

Co-authored-by: Cursor Agent <cursoragent@cursor.com>
Co-authored-by: Michael Sukkarieh <msukkari@users.noreply.github.com>

Author: msukkari

CHANGELOG.md

@@ -10,6 +10,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Fixed
 - Fixed revision selection so the 64-revision cap prefers the newest matching branches and tags instead of pruning by ref-name order. [#1122](https://github.com/sourcebot-dev/sourcebot/pull/1122)
 - Fixed infinite pagination loop in Gitea/Forgejo when an API token can only see a subset of org repos (the `x-total-count` header reports org total while token returns fewer items). [#1130](https://github.com/sourcebot-dev/sourcebot/pull/1130)
+- Fixed path injection vulnerability (CodeQL js/path-injection) in review agent log writing by validating paths stay within the expected log directory. [#1134](https://github.com/sourcebot-dev/sourcebot/pull/1134)
 - Fixed missing workflow permissions in `docs-broken-links.yml` by adding explicit `permissions: {}` to follow least privilege principle. [#1131](https://github.com/sourcebot-dev/sourcebot/pull/1131)
 - Fixed CodeQL missing-workflow-permissions alert by adding explicit empty permissions to `deploy-railway.yml`. [#1132](https://github.com/sourcebot-dev/sourcebot/pull/1132)
 

CLAUDE.md

@@ -276,6 +276,7 @@ You can optionally include a scope to indicate which package is affected:
 
 PR description:
 - If a GitHub issue number was provided, include `Fixes #<github_issue_number>` in the PR description
+- If a Linear issue ID was provided (e.g., SOU-123), include `Fixes SOU-123` at the top of the PR description to auto-link the PR to the Linear issue
 
 After the PR is created:
 - Update CHANGELOG.md with an entry under `[Unreleased]` linking to the new PR. New entries should be placed at the bottom of their section.

packages/web/src/features/agents/review-agent/app.ts

@@ -2,6 +2,7 @@ import { Octokit } from "octokit";
 import { generatePrReviews } from "@/features/agents/review-agent/nodes/generatePrReview";
 import { githubPushPrReviews } from "@/features/agents/review-agent/nodes/githubPushPrReviews";
 import { githubPrParser } from "@/features/agents/review-agent/nodes/githubPrParser";
+import { getReviewAgentLogDir } from "@/features/agents/review-agent/nodes/invokeDiffReviewLlm";
 import { env } from "@sourcebot/shared";
 import { GitHubPullRequest } from "@/features/agents/review-agent/types";
 import path from "path";
@@ -30,7 +31,7 @@ export async function processGitHubPullRequest(octokit: Octokit, pullRequest: Gi
 
     let reviewAgentLogPath: string | undefined;
     if (env.REVIEW_AGENT_LOGGING_ENABLED) {
-        const reviewAgentLogDir = path.join(env.DATA_CACHE_DIR, "review-agent");
+        const reviewAgentLogDir = getReviewAgentLogDir();
         if (!fs.existsSync(reviewAgentLogDir)) {
             fs.mkdirSync(reviewAgentLogDir, { recursive: true });
         }

packages/web/src/features/agents/review-agent/nodes/invokeDiffReviewLlm.ts

@@ -2,10 +2,23 @@ import OpenAI from "openai";
 import { sourcebot_file_diff_review, sourcebot_file_diff_review_schema } from "@/features/agents/review-agent/types";
 import { env } from "@sourcebot/shared";
 import fs from "fs";
+import path from "path";
 import { createLogger } from "@sourcebot/shared";
 
 const logger = createLogger('invoke-diff-review-llm');
 
+export const getReviewAgentLogDir = (): string => {
+    return path.join(env.DATA_CACHE_DIR, 'review-agent');
+};
+
+const validateLogPath = (logPath: string): void => {
+    const resolved = path.resolve(logPath);
+    const logDir = getReviewAgentLogDir();
+    if (!resolved.startsWith(logDir + path.sep)) {
+        throw new Error('reviewAgentLogPath escapes log directory');
+    }
+};
+
 export const invokeDiffReviewLlm = async (reviewAgentLogPath: string | undefined, prompt: string): Promise<sourcebot_file_diff_review> => {
     logger.debug("Executing invoke_diff_review_llm");
 
@@ -19,6 +32,7 @@ export const invokeDiffReviewLlm = async (reviewAgentLogPath: string | undefined
     });
 
     if (reviewAgentLogPath) {
+        validateLogPath(reviewAgentLogPath);
         fs.appendFileSync(reviewAgentLogPath, `\n\nPrompt:\n${prompt}`);
     }
 
@@ -32,6 +46,7 @@ export const invokeDiffReviewLlm = async (reviewAgentLogPath: string | undefined
 
         const openaiResponse = completion.choices[0].message.content;
         if (reviewAgentLogPath) {
+            validateLogPath(reviewAgentLogPath);
             fs.appendFileSync(reviewAgentLogPath, `\n\nResponse:\n${openaiResponse}`);
         }