Change default CI run permission on PR's to "only folks new to GitHub"??

adrienverge / yamllint

A linter for YAML files.

GNU General Public License v3.0

2.86k stars 273 forks source link

Change default CI run permission on PR's to "only folks new to GitHub"?? #589

Closed jeffwidman closed 1 year ago

jeffwidman commented 1 year ago

I was surprised to see on https://github.com/adrienverge/yamllint/pull/588 that this requires maintainer approval, even though I'm relatively experienced on GitHub...

IIRC GitHub set it up like this as default a while back, but they've also added an option of "only folks new to GitHub" and on most open source projects that I work on we've flipped to that as it seems to do good enough at keeping the spam / bitcoin miners down, whilst still making life easy for drive-by contributors.

adrienverge commented 1 year ago

Makes sense :+1: Settings updated to "require approval for first-time contributors who are new to GitHub".