| Issue |
77142
|
| Summary |
Split pr-code-format.yml into separate untrusted+trusted workflows
|
| Labels |
github:workflow
|
| Assignees |
|
| Reporter |
jyknight
|
The workflow should be split in two, with a "pull_request" workflow (unprivileged) to run formatting actions, and a separate "workflow_run" (privileged) to post the issue update, as recommended by https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
The current implementation is not _obviously_ broken (it's not running binaries from the untrusted checkout), but manipulating the untrusted checkout at all in a privileged context is riskier than necessary, so would be improved by splitting into two parts.
@tstellar @tru @boomanaiden154
![]()
_______________________________________________
llvm-bugs mailing list
llvm-bugs@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
