Security: supply chain audit script + Trivy incident report#1
Closed
* bump to 0.1.0 Signed-off-by: Prithvi Kannan <prithvi.kannan@databricks.com> * min version Signed-off-by: Prithvi Kannan <prithvi.kannan@databricks.com> * dev Signed-off-by: Prithvi Kannan <prithvi.kannan@databricks.com> * fix Signed-off-by: Prithvi Kannan <prithvi.kannan@databricks.com> --------- Signed-off-by: Prithvi Kannan <prithvi.kannan@databricks.com>
* Allow argument to be passed to VectorSearchClient to enable users to use Service Principals instead of PATs * Update integrations/langchain/src/databricks_langchain/vectorstores.py Co-authored-by: Prithvi Kannan <46332835+prithvikannan@users.noreply.github.com> * Update vectorstores.py Resolve weird line duplication from accepting the proposed change --------- Co-authored-by: Prithvi Kannan <46332835+prithvikannan@users.noreply.github.com>
* v0.1.1 release Signed-off-by: Prithvi Kannan <prithvi.kannan@databricks.com> * fix Signed-off-by: Prithvi Kannan <prithvi.kannan@databricks.com> --------- Signed-off-by: Prithvi Kannan <prithvi.kannan@databricks.com>
…trieverTool (databricks#24) * Add VectorSearchRetrieverTool * Add docs and fix tool creation * Fix bug * Refactor * Update API to be uniform * Refactor based on Pydantic * Rename files * PR feedback and lint * Fix lint * Remove endpoint arg from tests * Add new test checking tool descriptions --------- Co-authored-by: Leon Bi <leon.bi@databricks.com>
…s#40) * Add support for OpenAI structured outputs with json_schema * Fix linting
…tion packages (databricks#41) * Pull out logic from langchain integration * Remove change to ai bridge dep version since we'll have to upgrade it again later anyways * Lint * Reformat
* Create VectorSearchRetrieverTool class for OpenAI * Intermediate commit * Initial implementation * Working e2e delta sync index happy case * Add unit tests and some validations * Undo line * Remove extra changes * Fix embedding * Remove double field * Lint * Minor cleanup * PR feedback * Lint * Rename tool call
…SearchRetrieverTool (databricks#43) * Add tracing for langchain and openai vs tool with unit tests * Format * Update unit test * Lint
…tabricks#44) * Simplify tool execution * Lint * Fix typo * Update rewrite_index_name * Handle tool name * Format * Add new example * Change return shape to match tracing * Update documentation * Update return type * Format * Update integrations/openai/src/databricks_openai/vector_search_retriever_tool.py Co-authored-by: Siddharth Murching <smurching@gmail.com> --------- Co-authored-by: leonbi-db <85906791+leonbi-db@users.noreply.github.com> Co-authored-by: Siddharth Murching <smurching@gmail.com>
Co-authored-by: leonbi100 <leonbi100@gmail.com>
* Improve main README Signed-off-by: Prithvi Kannan <prithvi.kannan@databricks.com> * remove external tool Signed-off-by: Prithvi Kannan <prithvi.kannan@databricks.com> --------- Signed-off-by: Prithvi Kannan <prithvi.kannan@databricks.com>
* update Signed-off-by: Ann Zhang <ann.zhang@databricks.com> * update Signed-off-by: Ann Zhang <ann.zhang@databricks.com> * update Signed-off-by: Ann Zhang <ann.zhang@databricks.com> * update Signed-off-by: Ann Zhang <ann.zhang@databricks.com> * update Signed-off-by: Ann Zhang <ann.zhang@databricks.com> * format Signed-off-by: Ann Zhang <ann.zhang@databricks.com> * update Signed-off-by: Ann Zhang <ann.zhang@databricks.com> --------- Signed-off-by: Ann Zhang <ann.zhang@databricks.com>
Signed-off-by: Prithvi Kannan <prithvi.kannan@databricks.com>
…lt description of vector_search_tool (databricks#56) * Fixing the description to not look for source_table comment for default description of vector_search_tool * Add back the mlflow dep
* Updating the docs to fix and remove redundant content * Apply suggestions from code review Co-authored-by: Aravind Segu <aravind.segu@databricks.com> --------- Co-authored-by: Aravind Segu <aravind.segu@databricks.com>
Signed-off-by: Bryan Qiu <bryan.qiu@databricks.com>
* Update Genie to optionally take in a workspace client * Formatting * formatting changes
…in looseResponseAgentChunkSchema (databricks#354) Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
…ions/ai-sdk-provider (databricks#304) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…langchainjs (databricks#358) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ations/langchainjs (databricks#359) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…/integrations/langchainjs (databricks#360) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…injs (databricks#361) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…hainjs (databricks#357) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…i-sdk-provider (databricks#364) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ai-sdk-provider (databricks#363) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Bryan Qiu <bryan.qiu@databricks.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Bryan Qiu <bryan.qiu@databricks.com>
Add Lakebase autoscaling support (project/branch and endpoint parameters) alongside the existing provisioned mode (instance_name) across all Lakebase classes and integrations [LakebasePool](https://github.com/databricks/databricks-ai-bridge/blob/main/src/databricks_ai_bridge/lakebase.py#L178) [CheckpointSaver](https://github.com/databricks/databricks-ai-bridge/blob/main/integrations/langchain/src/databricks_langchain/checkpoint.py#L20) [DatabricksStore](https://github.com/databricks/databricks-ai-bridge/blob/main/integrations/langchain/src/databricks_langchain/store.py#L24) [DatabricksSession](https://github.com/databricks/databricks-ai-bridge/blob/main/integrations/openai/src/databricks_openai/agents/session.py#L57) Using new autoscaling SDK: https://databricks-sdk-py.readthedocs.io/en/latest/workspace/postgres/postgres.html#databricks.sdk.service.postgres.PostgresAPI Lakebase autoscaling migration doc with testing in Agent Examples Testing section: https://docs.google.com/document/d/1yaCIhx2Uw2RcyLWUBLfHNqIgGY138XcJS-4HXgchoD8/edit?tab=t.ftdnjzyyyoab
…-openai 0.13.0 (databricks#370) Co-authored-by: Zeyi (Rice) Fan <zeyi.f@databricks.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
… runners - Replace databricks-protected-runner-group with ubuntu-latest - Add id-token: write permission for OIDC - Add npm update step (Trusted Publishing requires npm >= 11.5.1) - Replace NPM_TOKEN secret with --provenance flag on npm publish Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Releases now go exclusively through workflow_dispatch with the production flag. Removes the push:tags trigger and the version/tag verification step. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…e merging) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
… runners Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Adds scripts/supply-chain-audit.sh — a reusable script that checks for compromised packages/tools, known IOCs, and unpinned GitHub Actions (the root attack vector in the March 2026 Trivy supply chain incident). Also includes supply-chain-audit-report.md (full structured assessment) and supply-chain-audit-results.md (latest script output). Current status: no exposure to the Trivy incident; all Actions are tag/branch-pinned rather than SHA-pinned (74 findings requiring remediation). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Summary
- scripts/supply-chain-audit.sh — a reusable script to audit the repo for supply chain attack indicators
- supply-chain-audit-report.md — full structured assessment from the March 2026 Trivy incident
- supply-chain-audit-results.md — latest output from the script

What the script checks

- …trivy, aquasecurity, emilgroup); extend with --packages "pkg1 pkg2"
- …--iocs "domain1 domain2"
- …uses: reference as SHA-pinned (safe), tag-pinned (at risk), or branch-pinned (high risk)

Current audit results

- …trivy, aquasecurity, emilgroup, and all Trivy IOCs are absent from current code and full git history
- …pypa/gh-action-pypi-publish@release/v1), not commit SHA

Test plan

- bash scripts/supply-chain-audit.sh and verify clean output on sections 1–2
- ….github/workflows/
- …--packages and --iocs flags with custom values

🤖 Generated with Claude Code
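The pinning check the PR description outlines (classifying each `uses:` reference as SHA-pinned, tag-pinned or branch-pinned) can be reproduced in a few lines of shell. The block below is an added example written for this page, not the project's own supply-chain-audit.sh; the function names, the sample workflow text and the 40-hex-digit SHA in it are constructed for illustration. It goes slightly beyond the three classes named in the PR by also recognising local (`./`) and `docker://` references, which have no commit to pin.

```shell
#!/usr/bin/env bash
# Added example (not the project's supply-chain-audit.sh): classify GitHub
# Actions "uses:" references by how they are pinned. Function names and the
# sample workflow below are constructed for this example.

# classify_uses_ref REF -> prints one of:
#   sha-pinned | tag-pinned | branch-pinned | local | docker | unpinned
classify_uses_ref() {
  local ref="$1"
  local target="${ref#*@}"   # text after the '@' (the pinned ref, if any)
  case "$ref" in
    ./*)        echo "local";    return 0 ;;  # action in this repo: nothing remote to pin
    docker://*) echo "docker";   return 0 ;;  # container image: pin by digest separately
    *@*)        ;;                            # remote action with an explicit ref
    *)          echo "unpinned"; return 0 ;;  # no '@' at all: follows the default branch
  esac
  if printf '%s' "$target" | grep -Eq '^[0-9a-f]{40}$'; then
    echo "sha-pinned"      # full commit SHA: immutable
  elif printf '%s' "$target" | grep -Eq '^v?[0-9]+(\.[0-9]+)*$'; then
    echo "tag-pinned"      # version tag: mutable, the maintainer can move it
  else
    echo "branch-pinned"   # main, release/v1, ...: tracks a moving branch
  fi
  # Caveat: a tag and a branch look alike in YAML. Without querying the remote
  # this is a heuristic, so a tag not named like a version is reported as
  # branch-pinned; both classes need the same remediation (pin to a SHA).
}

# scan_workflow_text: read workflow YAML on stdin, print "<class> <ref>" per
# uses: line. Strips list dashes, trailing "# v4" style comments and quotes.
scan_workflow_text() {
  grep -E '^[[:space:]]*-?[[:space:]]*uses:' |
  sed -E 's/^[[:space:]]*-?[[:space:]]*uses:[[:space:]]*//; s/[[:space:]]*#.*$//' |
  tr -d "\"'" |
  while IFS= read -r ref; do
    [ -n "$ref" ] || continue
    printf '%s %s\n' "$(classify_uses_ref "$ref")" "$ref"
  done
}

# audit_summary: echo the classified lines, append a count line, and return
# non-zero when any reference is tag-, branch- or un-pinned (CI can fail on it).
audit_summary() {
  local risky=0 total=0 line
  while IFS= read -r line; do
    total=$((total + 1))
    case "$line" in
      tag-pinned*|branch-pinned*|unpinned*) risky=$((risky + 1)) ;;
    esac
    echo "$line"
  done
  echo "total=$total risky=$risky"
  [ "$risky" -eq 0 ]
}

# Constructed sample workflow; the SHA is a placeholder, not a real commit.
SAMPLE_WORKFLOW='name: ci
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567 # v4
      - uses: actions/setup-python@v5
      - uses: pypa/gh-action-pypi-publish@release/v1
      - uses: ./.github/actions/local-step
      - uses: "docker://alpine:3.19"
'

printf '%s' "$SAMPLE_WORKFLOW" | scan_workflow_text | audit_summary ||
  echo "FAIL: some actions are not SHA-pinned; pin them before the next release"
```

Run against a real repository with `cat .github/workflows/*.yml | scan_workflow_text | audit_summary`; the non-zero exit from `audit_summary` is what lets a CI job fail when a tag- or branch-pinned reference slips back in after remediation.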