chore(repo): supply-chain and CI/CD hardening -- part 2 [PLT-103649] #698

Open
CalinaCristian wants to merge 5 commits into main from chore/security-issue-2

CalinaCristian (Collaborator) commented May 14, 2026

Part 2 of #688

What this does

Workflows

  • Fixed heredoc injection in support-branch-scope.yml: gh pr diff output (attacker-controlled file paths) was written using a literal EOF delimiter; replaced with random delimiters via openssl rand
  • Moved GH_TOKEN from job-level to step-scoped env in close-stale-prs.yml
  • Added timeout-minutes: 30 to the release job; added attestations: write permission required by actions/attest-sbom and actions/attest-build-provenance; SBOMs now written to $RUNNER_TEMP instead of the repo root (prevents them being committed by the version-bump git add --all)
  • Added concurrency: blocks to pr-labeler.yml and commit-lint.yml
  • Dependabot now ignores major version bumps for both npm packages and GitHub Actions — majors are handled manually
  • Added monitor-npm-publishes.yml — daily workflow that cross-references all @uipath/* dist-tag versions on npm against GitHub releases; opens a security issue on mismatch, closes it when resolved, fails hard on npm fetch errors so outages cannot silently auto-close alerts
  • Fixed Vercel CLI cache restore key — branch-scoped prefix could never match the primary key (which lacked ref_name); now both primary key and restore prefix include ref_name
  • dependency-review.yml permissions cleanup — pull-requests: write was unnecessary for the license check job (PR comments via the Issues API only need issues: write)
  • install-node-deps/action.yml — switched from NODE_AUTH_TOKEN to GH_NPM_REGISTRY_TOKEN to fix 401s under pnpm 11, which reads both the actions/setup-node temp .npmrc and the repo .npmrc simultaneously
  • apollo-vertex-registry-check.yml — replaced ${{ github.workspace }} inline in run: with $GITHUB_WORKSPACE; registry test jobs now seed a dedicated pnpm-workspace-registry-test.yaml into temp dirs so pnpm 11 resolves packages identically to the main workspace

Scripts

  • unpublish-dev.ts: added @uipath/ scope validation in unpublishFromGitHub() and main(); tightened package name regex to ^@uipath/[a-z0-9-]+$
  • publish-dev.ts: added package name validation before resolving the workspace path; GHP publish now correctly keeps GH_NPM_REGISTRY_TOKEN and clears NPM_AUTH_TOKEN (was reversed)
  • publish-to-registries.sh: NPM_AUTH_TOKEN cleared for GHP publish; --tag stripped from caller args and driven by validated $TAG_NAME env var; TAG_NAME guard added
  • All .releaserc.json files: publishCmd changed to TAG_NAME=${nextRelease.channel || 'latest'} bash ... so the tag passes through publish-to-registries.sh validation
  • check-licenses.ts: execSync (shell form) replaced with execFileSync
  • create-dev-comment.ts and update-dev-comment-row.ts: added bot-type guard to the jq filter to prevent comment-planting
  • monitor-npm-publishes.yml script: uses npm view dist-tags --json to check all tagged versions (not just latest); fetch failures increment a counter and block the auto-close path; skip pattern tightened to [[ "$version" =~ -pr[0-9]+(\..*)?$ ]] so -prerelease versions are not incorrectly excluded

Supply chain config

  • pnpm 11 breaking change (pnpm/pnpm#11536): pnpm 11 silently ignores the entire pnpm.* block in package.json. All overrides, packageExtensions, and onlyBuiltDependencies must live in pnpm-workspace.yaml. Moved the full pnpm block accordingly.
  • pnpm-workspace.yaml: added overrides (including @standard-schema/spec: ^1.1.0) and packageExtensions for @tanstack/ai — required for correct TypeScript type resolution under pnpm 11, which links packages differently and exposes a latent type inference issue with @tanstack/ai-react and @tanstack/react-db when @standard-schema/spec@1.0.0 is hoisted instead of 1.1.0
  • package.json: pinned semantic-release-monorepo to exact 8.0.2; removed the now-ignored pnpm.* block; bumped engines.pnpm to >=11
  • CODEOWNERS: added explicit entry for turbo.json
  • New .github/scripts/test-registry/pnpm-workspace-registry-test.yaml — dedicated workspace config for isolated registry test environments (overrides + packageExtensions + allowBuilds, without supply-chain hardening settings that break ephemeral installs)

Docs

  • copilot-instructions.md: extended the supply chain attack reference table with patterns from the TanStack incident (pnpm store cache poisoning, published package protocol injection, OIDC trusted-publisher scope, workflow_run guard, burst-publish detection, forged bot commit identity); expanded the cache and fork-safety checklists; added Dependabot review items; added new code review block items; added pnpm 11 breaking change note
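
The heredoc-delimiter fix from the Workflows list above, as an added example that is not code from this PR or repository: it writes the same multiline output once with a literal EOF delimiter and once with a random one, then reads the file back. The function names, the constructed sample value and the simplified output-file parser are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example: a multiline step output written with a literal vs. a random delimiter.

# Constructed sample: attacker-influenced text containing a line that equals "EOF".
SAMPLE_FILES=$(printf 'src/app.ts\ndocs/x\nEOF\nin_scope=true\nREADME.md')

# "Before": literal EOF delimiter. A value line equal to EOF closes the block early.
write_output_fixed() {  # args: name value file
  printf '%s<<EOF\n%s\nEOF\n' "$1" "$2" >> "$3"
}

# "After": fresh random delimiter per write (openssl rand, with a urandom fallback).
write_output_random() {  # args: name value file
  delim="ghadelim_$(openssl rand -hex 16 2>/dev/null ||
    od -An -N16 -tx1 /dev/urandom | tr -d ' \n')"
  # Fail closed in the (negligible) case that the value contains the delimiter line.
  if printf '%s\n' "$2" | grep -qxF "$delim"; then
    echo "delimiter collision, refusing to write" >&2
    return 1
  fi
  printf '%s<<%s\n%s\n%s\n' "$1" "$delim" "$2" "$delim" >> "$3"
}

# Simplified model of reading the output file back (an assumption, not runner code):
# "name<<DELIM" opens a block closed by a line equal to DELIM; "name=value" is one output.
parse_output_names() {  # args: file; prints output names as a comma-separated list
  awk '
    delim != "" { if ($0 == delim) delim = ""; next }
    {
      p = index($0, "<<"); e = index($0, "=")
      if (p > 0 && (e == 0 || p < e)) { print substr($0, 1, p - 1); delim = substr($0, p + 2) }
      else if (e > 0) { print substr($0, 1, e - 1) }
    }
  ' "$1" | paste -sd, -
}

# Write SAMPLE_FILES as the "files" output with the given writer, then list parsed names.
demo() {  # args: fixed|random
  f=$(mktemp)
  "write_output_$1" files "$SAMPLE_FILES" "$f" && parse_output_names "$f"
  rm -f "$f"
}

echo "literal EOF : $(demo fixed)"
echo "random delim: $(demo random)"
```

With the literal delimiter the parsed file contains an extra output name that the workflow never set; with the random delimiter only `files` is present.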

Copilot AI left a comment

Pull request overview

This PR hardens repository supply-chain and CI/CD behavior across release, dev publish/cleanup, dependency policy, and workflow guidance.

Changes:

  • Upgrades repo tooling guidance/configuration toward pnpm 11 and expands pnpm supply-chain controls.
  • Hardens publishing scripts and release workflows with stricter validation, token isolation, SBOM/provenance steps, and safer output delimiters.
  • Updates CI governance, action pins, Dependabot policy, CODEOWNERS, and monitoring for npm publish/release mismatches.

Reviewed changes

Copilot reviewed 32 out of 33 changed files in this pull request and generated 5 comments.

| File | Description |
| --- | --- |
| web-packages/ap-chat/.releaserc.json | Passes release channel through TAG_NAME for publishing. |
| packages/apollo-core/.releaserc.json | Updates publish command tag handling. |
| packages/apollo-react/.releaserc.json | Updates publish command tag handling. |
| packages/apollo-wind/.releaserc.json | Updates publish command tag handling. |
| scripts/publish-to-registries.sh | Adds stricter shell mode, tag validation, arg filtering, and token isolation. |
| scripts/publish-dev.ts | Adds package validation and token-isolation changes for dev publish. |
| scripts/unpublish-dev.ts | Adds fetch timeouts and stricter package validation. |
| scripts/create-dev-comment.ts | Filters existing dev package comments to bot-authored comments. |
| scripts/update-dev-comment-row.ts | Filters existing dev package comments to bot-authored comments. |
| scripts/check-licenses.ts | Replaces shell command execution with execFileSync. |
| pnpm-workspace.yaml | Moves peer settings, adds pnpm 11 supply-chain/build-script settings, and extends release-age exemptions. |
| package.json | Pins semantic-release-monorepo and updates package manager to pnpm 11. |
| apps/apollo-vertex/package.json | Updates package manager to pnpm 11. |
| .npmrc | Removes pnpm behavior settings now moved to workspace config. |
| CONTRIBUTING.md | Updates pnpm prerequisite to v11. |
| CODEOWNERS | Adds ownership coverage for turbo.json. |
| .github/workflows/release.yml | Adds timeout, credential handling changes, SBOM generation, artifacts, and attestations. |
| .github/workflows/dev-publish.yml | Hardens outputs, env handling, and publish/cleanup tokens. |
| .github/workflows/dev-cleanup.yml | Hardens multiline outputs and cleanup token usage. |
| .github/workflows/monitor-npm-publishes.yml | Adds scheduled npm publish/release mismatch monitoring. |
| .github/workflows/vercel-deploy.yml | Updates github-script pin and adjusts Vercel CLI cache keying. |
| .github/workflows/support-branch-scope.yml | Uses randomized GitHub output delimiters and updates github-script pin. |
| .github/workflows/prune-release-age-exemptions.yml | Disables checkout credential persistence and injects credentials later. |
| .github/workflows/pr-labeler.yml | Adds PR-scoped concurrency. |
| .github/workflows/dependency-review.yml | Updates github-script pin. |
| .github/workflows/commit-lint.yml | Adds PR-scoped concurrency. |
| .github/workflows/codeql.yml | Documents governance around auto-dismissing suppressed alerts. |
| .github/workflows/close-stale-prs.yml | Moves GH_TOKEN to step-scoped env. |
| .github/workflows/apollo-vertex-registry-check.yml | Uses shell environment variables for workspace paths. |
| .github/dependabot.yml | Ignores major updates and simplifies update grouping policy. |
| .github/copilot-instructions.md | Rewrites repo guidance with expanded CI/supply-chain review rules. |
| .claude/skills/harden-github-action/SKILL.md | Updates pnpm context to v11. |

Comment thread .github/workflows/release.yml
Comment thread scripts/publish-dev.ts Outdated
Comment thread .github/workflows/release.yml Outdated
Comment thread .github/workflows/monitor-npm-publishes.yml Outdated
Comment thread .github/workflows/monitor-npm-publishes.yml Outdated
@CalinaCristian CalinaCristian force-pushed the chore/security-issue-2 branch from a492cb8 to 47852d7 Compare May 14, 2026 01:24
Copilot AI review requested due to automatic review settings May 14, 2026 03:47
Copilot AI left a comment

Pull request overview

Copilot reviewed 33 out of 34 changed files in this pull request and generated 5 comments.

Comment thread package.json Outdated
Comment thread packages/apollo-core/.releaserc.json
Comment thread packages/apollo-react/.releaserc.json
Comment thread packages/apollo-wind/.releaserc.json
Comment thread web-packages/ap-chat/.releaserc.json
@CalinaCristian CalinaCristian force-pushed the chore/security-issue-2 branch from 980f8cd to bde338b Compare May 14, 2026 03:52
@github-actions

Dependency License Review

  • 2053 package(s) scanned
  • ✅ No license issues found
  • ⚠️ 14 package(s) excluded (see details below)

License distribution

| License | Packages |
| --- | --- |
| MIT | 1786 |
| ISC | 103 |
| Apache-2.0 | 62 |
| BSD-3-Clause | 29 |
| BSD-2-Clause | 24 |
| Copyright 2022, UiPath, all rights reserved | 9 |
| BlueOak-1.0.0 | 8 |
| MPL-2.0 | 4 |
| MIT-0 | 3 |
| Unknown | 3 |
| Unlicense | 3 |
| CC0-1.0 | 3 |
| MIT OR Apache-2.0 | 2 |
| (MIT OR Apache-2.0) | 2 |
| LGPL-3.0-or-later | 1 |
| Python-2.0 | 1 |
| CC-BY-4.0 | 1 |
| (MPL-2.0 OR Apache-2.0) | 1 |
| BSD | 1 |
| Artistic-2.0 | 1 |
| (WTFPL OR MIT) | 1 |
| (BSD-2-Clause OR MIT OR Apache-2.0) | 1 |
| CC-BY-3.0 | 1 |
| 0BSD | 1 |
| (MIT OR CC0-1.0) | 1 |
| MIT AND ISC | 1 |

Excluded packages

| Package | Version | License | Reason |
| --- | --- | --- | --- |
| @img/sharp-libvips-linux-x64 | 1.2.4 | LGPL-3.0-or-later | LGPL pre-built binary, not linked |
| @uipath/apollo-angular-elements | 5.89.0 | Copyright 2022, UiPath, all rights reserved | UiPath first-party package |
| @uipath/apollo-core | 4.35.1, 4.35.2 | Copyright 2022, UiPath, all rights reserved | UiPath first-party package |
| @uipath/apollo-fonts | 1.25.8 | Copyright 2022, UiPath, all rights reserved | UiPath first-party package |
| @uipath/apollo-icons | 1.33.7 | Copyright 2022, UiPath, all rights reserved | UiPath first-party package |
| @uipath/apollo-mui5 | 2.31.26, 2.31.27 | Copyright 2022, UiPath, all rights reserved | UiPath first-party package |
| @uipath/portal-shell | 3.351.4 | Copyright 2022, UiPath, all rights reserved | UiPath first-party package |
| @uipath/portal-shell-react | 3.149.36 | Copyright 2022, UiPath, all rights reserved | UiPath first-party package |
| @uipath/portal-shell-types | 3.326.0 | Copyright 2022, UiPath, all rights reserved | UiPath first-party package |
| @uipath/portal-shell-util | 1.114.0 | Copyright 2022, UiPath, all rights reserved | UiPath first-party package |
| @uipath/apollo-lab | 25.12.0 | Unknown | UiPath first-party package |
| @uipath/telemetry-client-web | 5.1.0 | Unknown | UiPath first-party package |
| khroma | 2.1.0 | Unknown | MIT per GitHub repo, missing license field in package.json |
| hyperx | 2.5.4 | BSD | BSD-2-Clause per LICENSE file, non-SPDX "BSD" in package.json |

Copilot AI review requested due to automatic review settings May 14, 2026 04:00
@CalinaCristian CalinaCristian force-pushed the chore/security-issue-2 branch from bde338b to 6044337 Compare May 14, 2026 04:00
Copilot AI left a comment

Pull request overview

Copilot reviewed 33 out of 34 changed files in this pull request and generated 4 comments.

Comment thread pnpm-workspace.yaml
Comment thread .github/workflows/apollo-vertex-registry-check.yml Outdated
Comment thread .github/workflows/vercel-deploy.yml Outdated
Comment thread .github/workflows/dependency-review.yml Outdated
@CalinaCristian CalinaCristian force-pushed the chore/security-issue-2 branch from 6044337 to 2717acc Compare May 14, 2026 04:08
Copilot AI review requested due to automatic review settings May 14, 2026 04:13
@CalinaCristian CalinaCristian force-pushed the chore/security-issue-2 branch 2 times, most recently from 8276926 to 1f1a200 Compare May 14, 2026 04:13
@UiPath UiPath deleted a comment from github-actions Bot May 14, 2026
Copilot AI left a comment

Pull request overview

Copilot reviewed 34 out of 35 changed files in this pull request and generated 2 comments.

Comment thread .github/workflows/vercel-deploy.yml Outdated
Comment thread .github/workflows/monitor-npm-publishes.yml Outdated
@CalinaCristian CalinaCristian force-pushed the chore/security-issue-2 branch from 1f1a200 to 2fc79e0 Compare May 14, 2026 04:34
@CalinaCristian CalinaCristian force-pushed the chore/security-issue-2 branch from 2fc79e0 to 3f83bd9 Compare May 14, 2026 04:35
Copilot AI review requested due to automatic review settings May 14, 2026 04:53
@CalinaCristian CalinaCristian force-pushed the chore/security-issue-2 branch from 3f83bd9 to 2468724 Compare May 14, 2026 04:53
Copilot AI left a comment

Pull request overview

Copilot reviewed 34 out of 35 changed files in this pull request and generated 1 comment.

Comment thread .github/workflows/monitor-npm-publishes.yml Outdated
@CalinaCristian CalinaCristian force-pushed the chore/security-issue-2 branch from 2468724 to 1767df3 Compare May 14, 2026 05:00
Copilot AI review requested due to automatic review settings May 14, 2026 05:08
@CalinaCristian CalinaCristian force-pushed the chore/security-issue-2 branch from 1767df3 to 802b842 Compare May 14, 2026 05:08
Copilot AI left a comment

Pull request overview

Copilot reviewed 34 out of 35 changed files in this pull request and generated 1 comment.

Comment thread .github/scripts/test-registry/test-registry.ts Outdated
@CalinaCristian CalinaCristian force-pushed the chore/security-issue-2 branch from 802b842 to 2d71f91 Compare May 14, 2026 05:28
Copilot AI review requested due to automatic review settings May 14, 2026 05:35
@CalinaCristian CalinaCristian force-pushed the chore/security-issue-2 branch from 2d71f91 to 7ad8b04 Compare May 14, 2026 05:35
@CalinaCristian CalinaCristian force-pushed the chore/security-issue-2 branch from 7ad8b04 to ebcc72f Compare May 14, 2026 05:38
Copilot AI left a comment

Pull request overview

Copilot reviewed 35 out of 36 changed files in this pull request and generated 2 comments.

Comment thread .github/scripts/test-registry/test-registry.ts
Comment thread pnpm-workspace.yaml
@CalinaCristian CalinaCristian force-pushed the chore/security-issue-2 branch from ebcc72f to 0325867 Compare May 14, 2026 06:04
Copilot AI review requested due to automatic review settings May 14, 2026 06:16
@CalinaCristian CalinaCristian force-pushed the chore/security-issue-2 branch from 0325867 to c0a8dc3 Compare May 14, 2026 06:16
Copilot AI left a comment

Pull request overview

Copilot reviewed 35 out of 36 changed files in this pull request and generated 2 comments.

Comment thread .github/scripts/test-registry/pnpm-workspace-registry-test.yaml
Comment on lines +6 to +7
# Intentionally excludes: packages:, minimumReleaseAge*, blockExoticSubdeps,
# auditConfig — those are irrelevant or break isolated installs.
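Review bot: the header comment on lines 6-7 groups packages:, minimumReleaseAge*, blockExoticSubdeps and auditConfig under one reason ("irrelevant or break isolated installs") without saying which key falls in which category. Since some of these are supply-chain controls in the main workspace config, state per key whether it is dropped because it is irrelevant or because it breaks the isolated install, and note that this file is only seeded into temporary registry-test directories so it is not copied as a template for a real workspace.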
@CalinaCristian CalinaCristian force-pushed the chore/security-issue-2 branch from c0a8dc3 to 0c66b1f Compare May 14, 2026 06:31