Closed tgharold closed 1 year ago
v1.4.0 of the ritterim/public-github-acitons fixes a vulnerability, plus has some bug fixes for later parts of the pipeline.
Switch to using 'pull_request_target'. We've hopefully structured our workflows in a way that avoids exploits of this GitHub Actions trigger.
v1.4.0 of the ritterim/public-github-acitons fixes a vulnerability, plus has some bug fixes for later parts of the pipeline.
Switch to using 'pull_request_target'. We've hopefully structured our workflows in a way that avoids exploits of this GitHub Actions trigger.