Hisoka-X commented on PR #4268: URL: https://github.com/apache/flink-cdc/pull/4268#issuecomment-3874980025
This actually covers two things. The first is about the use of `pull_request_target`. According to the ASF infra policies, the original text states: > You MUST NOT use `pull_request_target` as a trigger on ANY action that exports ANY confidential credentials or tokens such as `GITHUB_TOKEN` or `NPM_TOKEN`. My understanding is that we cannot use `pull_request_target` to access any confidential data, but this doesn't mean we cannot use `pull_request_target` at all. The second point is about running actions in a forked repository. The resulting effect can be seen at https://github.com/gaogaotiantian/spark/runs/63040577681, where the action runs in the forked repository and the results are tracked on the pull request. I can implement this if needed. @yuxiqian -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
