ossf / scorecard

OpenSSF Scorecard - Security health metrics for Open Source
https://scorecard.dev
Apache License 2.0

:seedling: Tighten restrictions for running `scdiff` workflow #4376

Closed spencerschrock closed 1 month ago

spencerschrock commented 1 month ago

What kind of change does this PR introduce?

workflow change

What is the current behavior?

Any previous contributor can run the scdiff workflow

What is the new behavior (if this is a feature change)?

Only members of the ossf GitHub org can run the scdiff workflow.

Previously we matched GitHub's "Require approval for first-time contributors", which represents a minor barrier for attackers (e.g. submitting a typo fix). Project members should ensure their visibility in the "ossf" GitHub org is "Public" to be able to run scdiff.

Which issue(s) this PR fixes

Special notes for your reviewer

Does this PR introduce a user-facing change?

For user-facing changes, please add a concise, human-readable release note to the release-note

(In particular, describe what changes users might need to make in their application as a result of this pull request.)

NONE
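As an added illustration of the two gates the PR description contrasts (this is a constructed workflow, not the scorecard repository's own scdiff workflow, whose diff is not shown on this page; the trigger, job names, and the `/scdiff` comment command are assumptions), here is a comment-triggered workflow with the old contributor-based gate beside the org-membership gate:

```yaml
# Constructed example of gating an issue_comment-triggered workflow.
# Not the project's own scdiff workflow; names below are assumptions.
name: scdiff-example
on:
  issue_comment:
    types: [created]

jobs:
  # BEFORE: mirrors "Require approval for first-time contributors".
  # author_association is CONTRIBUTOR for anyone with a merged commit,
  # so one merged typo fix is enough to reach this job.
  run-before:
    if: >-
      github.event.issue.pull_request &&
      startsWith(github.event.comment.body, '/scdiff') &&
      contains(fromJSON('["OWNER","MEMBER","COLLABORATOR","CONTRIBUTOR"]'),
               github.event.comment.author_association)
    runs-on: ubuntu-latest
    steps:
      - run: echo "would run scdiff (weak gate)"

  # AFTER: only members of the ossf org may run it. GITHUB_TOKEN is not an
  # org member, so the API can only confirm *public* membership; that is
  # why members must set their org visibility to Public.
  run-after:
    if: >-
      github.event.issue.pull_request &&
      startsWith(github.event.comment.body, '/scdiff')
    runs-on: ubuntu-latest
    steps:
      - name: Require public ossf membership
        env:
          GH_TOKEN: ${{ github.token }}
          # Passed via env, not interpolated into the script, to avoid injection.
          AUTHOR: ${{ github.event.comment.user.login }}
        run: |
          # HTTP 204 -> public member (gh exits 0);
          # HTTP 404 -> not a public member (gh exits 1 and the job fails).
          gh api "orgs/ossf/public_members/${AUTHOR}" --silent
      - run: echo "would run scdiff (org-member gate)"
```

The membership step fails the job before any later step runs, so the expensive or privileged work only happens for public members of the org.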