You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The current implementation is not obviously broken (it's not running binaries from the untrusted checkout), but manipulating the untrusted checkout at all in a privileged context is riskier than necessary, so would be improved by splitting into two parts.
Yes this would be nice. But I looked at the ways to do this and felt dumb and don't have much time to work on this right now. Happy to review if someone have more time to look into this though.
Activity
tru commentedon Jan 12, 2024
Yes this would be nice. But I looked at the ways to do this and felt dumb and don't have much time to work on this right now. Happy to review if someone have more time to look into this though.
[workflows] Split pr-code-format into two parts to make it more secure
[workflows] Split pr-code-format into two parts to make it more secure (
Reapply [workflows] Split pr-code-format into two parts to make it mo…
Reapply [workflows] Split pr-code-format into two parts to make it mo…
[workflows] Split pr-code-format into two parts to make it more secure (
Reapply [workflows] Split pr-code-format into two parts to make it mo…
Reapply [workflows] Split pr-code-format into two parts to make it mo…