actions / upload-artifact

Exclude the `.git` directory by default #599

Closed joshmgross closed 3 months ago

joshmgross commented 3 months ago

This is an alternative approach to #598 targeting just the `.git` directory.

We want to ensure this action is safe by default and users can't accidentally upload their Git credentials into an artifact that can then be exfiltrated.

This is still a breaking change, but less impactful than #598.

Users can opt out of this change by setting the newly added `include-git-directory` input.
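A pre-upload guard for the risk described in the comment above, as an added example that is not code from this PR or from actions/upload-artifact. The function names are hypothetical, and it assumes the credential was persisted as an `extraheader` entry in `.git/config`, as actions/checkout does when it stores its token in the repository config.

```shell
#!/bin/sh
# Added example: run as a workflow step before the artifact upload.
# Not part of actions/upload-artifact; function names are hypothetical.

# Print every .git directory at or below the upload path (one per line).
list_git_dirs() {
  find "$1" -type d -name .git -prune -print 2>/dev/null
}

# Print the config file of each .git directory that holds a persisted HTTP
# auth header. Assumption: the credential is stored as an "extraheader"
# entry in .git/config.
list_credential_configs() {
  list_git_dirs "$1" | while IFS= read -r gitdir; do
    if [ -f "$gitdir/config" ] && grep -qi 'extraheader' "$gitdir/config"; then
      printf '%s\n' "$gitdir/config"
    fi
  done
}

# Status 0: no Git metadata under the path.
# Status 1: a .git directory is present, no stored credential seen.
# Status 2: a .git directory is present and holds a stored credential.
check_upload_path() {
  git_dirs=$(list_git_dirs "$1")
  [ -z "$git_dirs" ] && return 0
  echo "upload path '$1' contains Git metadata:" >&2
  printf '%s\n' "$git_dirs" | sed 's/^/  /' >&2
  cred_files=$(list_credential_configs "$1")
  [ -z "$cred_files" ] && return 1
  echo "stored credentials found in:" >&2
  printf '%s\n' "$cred_files" | sed 's/^/  /' >&2
  return 2
}

# Usage: ./check-upload-path.sh <path-to-upload>
if [ "$#" -gt 0 ]; then
  check_upload_path "$1" || exit $?
fi
```

A non-zero status fails the step, so the upload that follows it never runs on a path that still contains `.git`.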

joshmgross commented 3 months ago

Closing in favor of #598

Arusekk commented 1 month ago

Can this be reconsidered please? The other one is a very hard breaking change to all projects using coverage.py for instance (I bet there are other uses as well). Now the disaster has already happened, so it might be 'too late' or something, but I believe that this PR would have otherwise been a net benefit rather than what happened there.

Example of how projects needed to adapt: https://github.com/Gallopsled/pwntools/pull/2477