nchammas commented on PR #54216:
URL: https://github.com/apache/spark/pull/54216#issuecomment-4909787397

   Ah, looks like it was an issue with the `pull_request_target` trigger. 
Thanks for the reference.
   
   That page links to [this 
one](https://cwiki.apache.org/confluence/display/INFRA/GHA-dangers+of+pull_request_target),
 and though I have an old Confluence account that's still active, I get a "Page 
Not Found". Is it a permissions issue, or is that link broken for you too?
   
   I would like to follow-up with ASF INFRA about this as [their current 
docs](https://cwiki.apache.org/confluence/spaces/BUILDS/pages/321719166/GitHub+Actions+Security#GitHubActionsSecurity-Dangerousworkflows)
 suggest the labeler workflow may be OK as long as nothing else uses the 
`pull_request_target` trigger and workflow does not execute user code.
   
   Is it OK with you if I contacted INFRA about this on behalf of the project?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to