Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Per [1], we need to use pull_request_target instead of pull_request
here. The tl;dr is that this runs as the *users* credentials, but they may not have access to the repo. See also [2]. [1] https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ [2] actions/first-interaction#31 Signed-off-by: Kyle Mestery <[email protected]>
- Loading branch information