Inicio Explorar Axuda
Iniciar sesión
tomteb
/
carbon-lang
1
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Explorar o código

Switch to pull_request_target (#2014)

https://securitylab.github.com/research/github-actions-preventing-pwn-requests/#:~:text=The%20main%20differences%20between%20the,but%20not%20from%20external%20forks.

I'm hoping I actually have the cause of my issues right this time.
Jon Ross-Perkins %!s(int64=3) %!d(string=hai) anos
pai
efde2dcdd9
achega
21311334cb
Modificáronse 2 ficheiros con 8 adicións e 8 borrados
Dividir vista Mostrar estatísticas de Diff
  1. 6 6
      .github/workflows/proposal_labeled.yaml
  2. 2 2
      .github/workflows/proposal_ready.yaml

+ 6 - 6
.github/workflows/proposal_labeled.yaml
Ver ficheiro 

@@ -15,7 +15,7 @@
 
 
 name: Proposal labeled
 
 on:
 
-  pull_request:
 
+  pull_request_target:
 
     types:
 
       - labeled
 
 
@@ -34,7 +34,7 @@ jobs:
 
             --remove-label "proposal deferred" \
 
             --add-label "proposal"
 
         env:
 
-          GITHUB_TOKEN: ${{ secrets.LABEL_ACTION_GITHUB }}
 
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
           PR: ${{ github.event.pull_request.html_url }}
 
 
       - name: rfc
 
@@ -48,7 +48,7 @@ jobs:
 
             --remove-label "proposal deferred" \
 
             --add-label "proposal"
 
         env:
 
-          GITHUB_TOKEN: ${{ secrets.LABEL_ACTION_GITHUB }}
 
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
           PR: ${{ github.event.pull_request.html_url }}
 
 
       - name: accepted
 
@@ -62,7 +62,7 @@ jobs:
 
             --remove-label "proposal deferred" \
 
             --add-label "proposal"
 
         env:
 
-          GITHUB_TOKEN: ${{ secrets.LABEL_ACTION_GITHUB }}
 
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
           PR: ${{ github.event.pull_request.html_url }}
 
 
       - name: declined
 
@@ -76,7 +76,7 @@ jobs:
 
             --remove-label "proposal deferred" \
 
             --add-label "proposal"
 
         env:
 
-          GITHUB_TOKEN: ${{ secrets.LABEL_ACTION_GITHUB }}
 
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
           PR: ${{ github.event.pull_request.html_url }}
 
 
       - name: deferred
 
@@ -90,5 +90,5 @@ jobs:
 
             --remove-label "proposal declined" \
 
             --add-label "proposal"
 
         env:
 
-          GITHUB_TOKEN: ${{ secrets.LABEL_ACTION_GITHUB }}
 
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
           PR: ${{ github.event.pull_request.html_url }}

+ 2 - 2
.github/workflows/proposal_ready.yaml
Ver ficheiro 

@@ -6,7 +6,7 @@
 
 
 name: Proposal ready for review
 
 on:
 
-  pull_request:
 
+  pull_request_target:
 
     types:
 
       - ready_for_review
 
 
@@ -24,5 +24,5 @@ jobs:
 
             --remove-label "proposal deferred" \
 
             --add-label "proposal rfc"
 
         env:
 
-          GITHUB_TOKEN: ${{ secrets.LABEL_ACTION_GITHUB }}
 
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
           PR: ${{ github.event.pull_request.html_url }}