origamiserviceuser
commented
3 years ago o-errors bundle size difference from 4.0.8 to 4663820776ddab5cdca45f0adc55c18365a3a161 No significant bundle size differences found.
Closed JakeChampion closed 3 years ago
origamiserviceuser
commented
3 years ago o-errors bundle size difference from 4.0.8 to 4663820776ddab5cdca45f0adc55c18365a3a161 No significant bundle size differences found.
origamiserviceuser
commented
3 years ago o-errors bundle size difference from 4.0.8 to eb5b28fed915bc554a21dbc6fb1b25669bc2b88e No significant bundle size differences found.
We have workflows that currently fail to run correctly for pull-requests from forks or pull-requests from dependabot. The reason is because those workflows are being triggered by the 'pull_request' event, which does will use a restricted github api token for pull-requests from forks or dependabot for security reasons.
For our workflows which are 'safe' (meaning they do not checkout the code or execute the code in the repository), we can change their trigger from 'pull_request' to 'pull_request_target', which uses a github api token with more permissions, specifically it has permission to read/use secrets, which are the things are workflows require.
Our workflows are safe, they do not checkout or execute the code from the repository, so we should change to using
pull_request_targetto make our workflows work for dependabot and pull-requests from forks.