lupyuen opened a new issue, #18359:
URL: https://github.com/apache/nuttx/issues/18359

   ### Description / Steps to reproduce the issue
   
   ASF Infra Team has found a Policy Violation in the GitHub Actions Workflow for our NuttX Repo. This needs to be fixed within 60 days:
   
   ```text
   Subject: GitHub Actions workflow policy violations in nuttx
   From: Apache Infrastructure <[email protected]>
   
   The repository: nuttx has been scanned.
   Our analysis has found that the following GitHub Actions workflows need remediation:
        Pull Request Labeler: `pull_request_target` was found as a workflow trigger. see https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=321719166#GitHubActionsSecurity-Buildstriggeredwithpull_request_target, for more details
   
   For more information on the GitHub Actions workflow policy, visit:
        https://infra.apache.org/github-actions-policy.html
   
   Please remediate the above as soon as possible.
   If after 60 days these problems are not addressed, we will turn off builds
   ```
   
   Sorry @simbit18: Did we change pull_request_target recently? What's the impact if we remove it? Thanks!
   
   
   ### On which OS does this issue occur?
   
   [OS: Linux]
   
   ### What is the version of your OS?
   
   GitHub CI
   
   ### NuttX Version
   
   master
   
   ### Issue Architecture
   
   [Arch: all]
   
   ### Issue Area
   
   [Area: Build System]
   
   ### Host information
   
   _No response_
   
   ### Verification
   
   - [x] I have verified before submitting the report.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

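An added illustration (not the NuttX repository's own workflow, nor from the issue author) of the pattern the ASF scan flags and of one way to drop the `pull_request_target` trigger. File paths, the `label.sh` script and the `actions/labeler@v5` usage are assumptions for the example.

```yaml
# Hypothetical .github/workflows/labeler-flagged.yml
#
# pull_request_target runs in the BASE repository's context: GITHUB_TOKEN has
# write access and repository secrets are available, even for PRs from forks.
# Combining it with a checkout of the PR's head commit and a step that executes
# files from that checkout means untrusted PR code runs with those privileges.
# This is what the policy in the email is guarding against.
name: Pull Request Labeler (flagged pattern)
on:
  pull_request_target:
jobs:
  label:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}   # untrusted PR code
      - run: ./tools/label.sh                               # runs with write token
---
# Hypothetical .github/workflows/labeler.yml (remediated)
#
# pull_request runs in the PR's own context: for fork PRs the token is
# read-only and secrets are not exposed, so nothing the PR controls can
# escalate. Permissions are also pinned to the minimum the job needs.
#
# Caveat: with a read-only token, labeling a fork PR fails; if fork PRs must be
# labeled, do that in a separate workflow_run job that checks out only trusted
# base-branch code and never executes PR-controlled files.
name: Pull Request Labeler
on:
  pull_request:
permissions:
  contents: read
  pull-requests: write
jobs:
  label:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/labeler@v5
        with:
          repo-token: ${{ secrets.GITHUB_TOKEN }}
```

The two documents are shown in one block for comparison only; each belongs in its own workflow file.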