Accessing GitHub Actions Secrets for Dependabot Pull Requests on Private Repositories

Recent changes in GitHub made Dependabot a pain in the ass. Here’s a potential solution for your organization.

Recently, a bunch of Dependabot PRs that required GitHub Action Secrets began to fail, which brought me to this article from GitHub:

GitHub Actions: Workflows triggered by Dependabot PRs will run with read-only permissions | GitHub…

Which lead to this article about preventing pwn requests:

Keeping your GitHub Actions and workflows secure: Preventing pwn requests

By no longer having access to repository secrets, Dependabot PRs in my organizations began to fail because they relied on a personal access token secret for fetching private GitHub Packages, which is currently the only authentication method for accessing private GitHub Packages outside of the current repository. I read these articles multiple times and still didn’t understand how to fix Dependabot PRs. Scouring the internet, I found a significant amount of frustration and a lot of complicated work arounds.

After a few days, I realized that there was a simple solution for my organizations.

Disable Forking of Private Repositories

In the Preventing pwn requests article, the main attack vector GitHub is trying to defend against is malicious authors, but if your organization only has private repositories that do not allow forks, all your authors should be trusted (otherwise they shouldn’t be in your organization).

With proper branch protection in each repository, there isn’t a good reason to allow members of your organization to fork private repositories. Forking makes perfect sense in public, open-source projects, but not for private repositories. Thus, don’t allow forking of private repositories:

Disable forking of private repositories in your organization settings under “Member privileges”

Only Enable Secrets for Private Repositories

Next, don’t share secrets in any of your public repositories. Your public repositories should not need any and, if they do, you can set different secrets for them. Note that “private repositories” is the default option, so you are probably already doing this.

For sensitive secrets, only grant private and internal repositories access

Send Secrets to Workflows from Fork Pull Requests

Since Dependabot PRs are treated as fork PRs, just allow sending secrets to fork PRs, but don’t allow forks in your organization. This will enable secrets just for Dependabot (that I am aware of).

Enable workflows and secrets for fork pull requests in your organization settings under “Actions > General”

It’s like GitHub never made a change!

Things to keep in mind

These settings just circumvent the protections GitHub is trying to provide you. To minimize the vulnerabilities, you should:

• Use lockfiles so that GitHub Dependabot can keep track of any vulnerabilities in your entire dependency tree
• Only use trusted dependencies and consider gating which third party dependencies you allow in your applications
• Try to only use personal access token secrets with read-only access (e.g. reading GitHub Packages) whenever possible—avoid creating PATs with write access