Workflows Awaiting Approval

[jsignell]

This is mostly a PSA. Apparently, new contributors have to have their workflow runs approved by maintainers now.

I just ran into this on https://github.com/dask/dask/pull/7706

The tests did not run until I hit "Approve and Run".

[fjetter]

That's a security feature of github actions to avoid execution of malicious code and/or abusing of compute resources, e.g. by bots. I am not aware of any way to disable this.

For reference, the Learn more points to https://docs.github.com/en/actions/managing-workflow-runs/approving-workflow-runs-from-public-forks

[quasiben]

I've also run into this a few times. As @fjetter said, it seems like something to prevent crypot-miners on CI systems

[jsignell]

Oh yeah, I was just raising this so people are aware that we need to be extra diligent about looking at PRs since new contributors don't get CI runs until we explicitly allow them.

[GenevieveBuckley]

A newer discussion on the same topic is here: https://github.com/dask/community/issues/191

[jsignell]

I'll go ahead and close this one, since @jacobtomlinson's has more of a path forward :)

[sufsid]

1 workflow awaiting approval First-time contributors need a maintainer to approve running workflows when can I expect this to be approved?