Github Actions
Jump to navigation
Jump to search
Github Actions seems like a nice way to do continuous integration, but building other people's code from a pull request is a security vulnerability: https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
Fortunately, we only need to get it right once and then we can have a shared copy between different repos: https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization