b4mboo / prophet

An easy way to loop through open pull requests and run code on the merged branch.
MIT License

Skip prophet for pull requests originating from forked repositories #15

Closed fschueller closed 6 years ago

fschueller commented 6 years ago

Allowing prophet to run for arbitrary pull requests opened up some serious holes for malicious code execution on CI machines. By querying an attribute coming with the GitHub API response we can simply skip these pull requests automatically and have a closer look at contributions coming from outside the repository.
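
One way to implement the skip described above, as an added example that is not prophet's code or part of this pull request. It assumes the attribute used is the repository identity in the GitHub REST API pull request object (`head.repo.id` compared with `base.repo.id`); the function names and the sample data are constructed for illustration.

```ruby
require 'json'

# Constructed sample shaped like the GitHub REST API "list pull requests"
# response, trimmed to the fields used here. Repository names are made up.
# The base repository is itself a fork, so `fork` is true even for PR 1.
SAMPLE_PULLS = JSON.parse(<<~EOS)
  [
    {"number": 1,
     "head": {"repo": {"id": 10, "full_name": "example/app", "fork": true}},
     "base": {"repo": {"id": 10, "full_name": "example/app", "fork": true}}},
    {"number": 2,
     "head": {"repo": {"id": 20, "full_name": "outsider/app", "fork": true}},
     "base": {"repo": {"id": 10, "full_name": "example/app", "fork": true}}},
    {"number": 3,
     "head": {"repo": null},
     "base": {"repo": {"id": 10, "full_name": "example/app", "fork": true}}}
  ]
EOS

# True only when the head branch lives in the same repository as the base
# branch. Comparing repository ids avoids relying on `head.repo.fork`, which
# is a property of the repository and is also true when the base repository
# is a fork. Fails closed: a missing head repository (for example a deleted
# fork, where the API returns null) is treated as untrusted.
def same_repo_pull?(pull)
  head_id = pull.dig('head', 'repo', 'id')
  base_id = pull.dig('base', 'repo', 'id')
  !head_id.nil? && head_id == base_id
end

# Splits pull requests into those CI may build automatically and those
# that are skipped and left for manual review.
def partition_pulls(pulls)
  run, skip = pulls.partition { |pull| same_repo_pull?(pull) }
  { run: run.map { |pull| pull['number'] },
    skip: skip.map { |pull| pull['number'] } }
end

puts partition_pulls(SAMPLE_PULLS).inspect if __FILE__ == $PROGRAM_NAME
```
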

digitaltom commented 6 years ago

@fschueller please submit to: https://github.com/SUSE/prophet

fschueller commented 6 years ago

Closing, as it needs to be submitted to https://github.com/SUSE/prophet