Ma77Ball commented on issue #4290: URL: https://github.com/apache/texera/issues/4290#issuecomment-4291121221
The most common pattern I observed is that Apache projects tend to avoid running workflows directly on the main repository. Instead, they offload execution to external systems such as Azure CI or the contributor's forked repository. This sidesteps the issue entirely while also being the more secure approach, as it limits exposure to potentially malicious code in untrusted pull requests. Some projects also use self-hosted runners. However, self-hosted runners come with their own concerns; unlike cloud runners, they persist between jobs, so any malicious code running on them could leave the environment vulnerable. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
