> This is the class of attack documented by Adnan Khan in 2024. It's not a TanStack-specific bug; it's a known GitHub Actions design issue that requires conscious mitigation.
While it seems the maintainers kinda went out of their way to enable this - GitHub could easily have at least turned off cache-sharing between fork jobs and the main jobs...
- a writable shared global cache is made available to PRs opened from forks by randomers.
- that cache is reused in the deploy pipeline
- deploys can be made with a single authentication factor, stored on the CI server
- the repository apparently does nothing to check for malicious deploys, delegating that to 3rd parties to do after the code is in the wild.
- by default the package manager runs random code when a package is updated
What a world we live in.
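For contrast with the chain listed above, here is an added example (not code from the thread, TanStack, or GitHub) of a release workflow that removes each link: no cache is restored in the deploy job, install runs with lifecycle scripts disabled, publishing goes through a protected environment with OIDC-backed provenance. The environment name `npm-release` and the secret name `NPM_TOKEN` are assumed placeholders.

```yaml
# Added example: a release workflow that does not share state with fork PR jobs.
name: release
on:
  push:
    tags: ['v*']              # releases are cut from tags, never from pull_request events
permissions:
  contents: read
  id-token: write             # short-lived OIDC token used for npm provenance attestation
jobs:
  publish:
    runs-on: ubuntu-latest
    environment: npm-release  # assumed name; configure required reviewers on it (second factor)
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: '20'
          registry-url: 'https://registry.npmjs.org'
          # No `cache:` input and no actions/cache step here: nothing a fork PR job
          # may have written into the shared cache is restored into the deploy job.
      - run: npm ci --ignore-scripts   # dependency install/postinstall scripts do not run
      - run: npm run build
      - run: npm publish --provenance --access public
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}  # placeholder; scoped publish token
```

Pinning the `uses:` references to commit SHAs instead of tags closes the same class of hole for the actions themselves.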