Closed metachris closed 3 months ago
CI for PRs should (and do) run in a context that doesn't have access to secrets. This PR separates the upload of the report into a separate workflow.
See also https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
make lint
make test
📝 Summary
CI for PRs should (and do) run in a context that doesn't have access to secrets. This PR separates the upload of the report into a separate workflow.
See also https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
✅ I have completed the following steps:
make lint
make test