Closed tripleee closed 1 year ago
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ explains the rationale for this. Untrusted code should not get access to the repository's secrets. I'll see if I can come up with a workaround.
https://github.com/tripleee/sloshy/commit/4c5604c57da658e813da7b7c311667c61b42c42b disables the test-pushed
Github Action for PRs for the time being.
The GH action on a pull request doesn't get access to the login token, so the test fails.