Discussions related to GitHub Actions
Malicious code can be inserted into any GitHub action, even those which are tagged.
The GitHub Actions Runner is now open sourced. File issues and contribute to one of the most important components of GitHub Actions directly at: https://github.com/actions/runner The Runner is the application that runs a job from
I wish they would just add approval gates.
Yes, agreed. I haven’t found the best way to do this. What I’ve seen so far is to use labels, but there’s no good way to restrict who can add labels if someone has write permission.
@jedineeper has joined the channel