Tags and branches such as v1 can be modified if the repository is compromised.
Commit hashes, on the other hand, are unfeasible to craft.
Let's adopt this security step whenever secrets (such as API tokens) are exposed to foreign actions.
Special thanks to @mpolitzer and @fmoura for the insight. :pray:
Tags and branches such as
v1
can be modified if the repository is compromised. Commit hashes, on the other hand, are unfeasible to craft. Let's adopt this security step whenever secrets (such as API tokens) are exposed to foreign actions. Special thanks to @mpolitzer and @fmoura for the insight. :pray: