adamreeve opened a new pull request, #255: URL: https://github.com/apache/arrow-dotnet/pull/255
This uses the `pull_request_target` trigger, which goes against the [ASF GitHub Actions Policy](https://infra.apache.org/github-actions-policy.html). From reading https://securitylab.github.com/resources/github-actions-preventing-pwn-requests/, my understanding is that we're using `pull_request_target` correctly here by not checking out untrusted code. We need to use this target instead of `pull_request` to have permission to comment on the PR. The ASF automated check seems too strict to me, but I'm not sure it's worth the hassle to challenge this and we can work without this workflow. Maybe as an alternative, we could add something to the pull request template that's commented out by default but users can uncomment and edit if they're making documentation changes? I can add that in a follow-up PR. cc @kou -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
