Ryan Mast (nightlark) <mast.r...@gmail.com> added the comment:
> On the main request, provided the workflow_dispatch is only triggerable by > non-contributors in their own fork (without any of our tokens/etc.) then it's > fine by me. If it allows anyone to trigger CI builds against the main repo, > I'd rather not. It should require write permissions in a repository to use the trigger, so they'll only be able to run workflows in the context of their fork: https://github.community/t/who-can-manually-trigger-a-workflow-using-workflow-dispatch/128592/4 I think you could also test this out by going to my fork and seeing if it lets you trigger the workflow: https://github.com/nightlark/cpython/actions/workflows/build.yml ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue44972> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com