ARCHIVE/xrpl-dev-portal
1
0
Fork 0
mirror of https://github.com/XRPLF/xrpl-dev-portal.git synced 2025-11-15 01:05:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Disable insecure CI job

Browse Source
This commit is contained in:
mDuo13
2021-11-15 13:01:44 -08:00
parent 13bc864a26
commit a57bbaf2a0
1 changed files with 11 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
.github/workflows/link-checker-pr.yml vendored
View File

@@ -1,14 +1,16 @@
name: Link Checker (PR Build) name: Link Checker (PR Build)
on: # Disabled. GitHub doesn't actually stop these jobs from running automatically
# Note: this job runs with in-repo permissions so it can comment and commit # even when they come from untrusted contributors, so this is insecure.
# on stuff in the repo even when the PR is coming from a PR. This means that # on:
# it can, potentially, wreak havoc on the repository by running arbitrary # # Note: this job runs with in-repo permissions so it can comment and commit
# code. Be sure to ONLY approve job runs AFTER you have confirmed that the # # on stuff in the repo even when the PR is coming from a PR. This means that
# commits in question do not contain malicious or suspicious code (especially # # it can, potentially, wreak havoc on the repository by running arbitrary
# to the .sh or .py files in the tool/ directory.) # # code. Be sure to ONLY approve job runs AFTER you have confirmed that the
pull_request_target: # # commits in question do not contain malicious or suspicious code (especially
types: [opened, edited, synchronize] # # to the .sh or .py files in the tool/ directory.)
# pull_request_target:
# types: [opened, edited, synchronize]
jobs: jobs:
build: build: