← Back to PRs

#17182: security(line): fail closed when webhook token/secret are missing

by davidahmann open 2026-02-15 13:54 View on GitHub →
stale size: S
## Problem LINE webhook startup accepted empty auth inputs, which weakens webhook trust assumptions and risks fail-open behavior. ## What Changed - Added strict startup guards in `src/line/monitor.ts` to require non-empty `channelAccessToken` and `channelSecret`. - Trimmed token/secret before wiring bot and webhook handler. - Added regression tests in `src/line/monitor.auth-guards.test.ts` ensuring startup fails closed and bot creation is not attempted. ## Validation - `pnpm vitest run src/line/monitor.auth-guards.test.ts` Fixes #17158 <!-- greptile_comment --> <h3>Greptile Summary</h3> Adds startup validation to prevent LINE webhook initialization with empty credentials. Trims `channelAccessToken` and `channelSecret` before checking, and throws descriptive errors (referencing config paths) if either is empty. Test coverage ensures bot creation is never attempted when auth material is missing. <h3>Confidence Score: 5/5</h3> - This PR is safe to merge with minimal risk - The changes implement straightforward security hardening with proper fail-closed behavior. The validation logic is correct (trim then check for emptiness), error messages are informative, and the test coverage verifies both edge cases. The guards execute early before any bot initialization or state recording, preventing potential security issues from empty credentials. - No files require special attention <sub>Last reviewed commit: 191c5a7</sub> <!-- greptile_other_comments_section --> <!-- /greptile_comment -->

Most Similar PRs