YourWishes/checkout
1
0
Fork 0
mirror of https://gitea.com/actions/checkout.git synced 2026-06-16 07:40:09 -05:00
Code Issues Packages Projects Releases Wiki Activity

update urls

Browse Source
This commit is contained in:
Aiqiao Yan
2026-06-15 20:07:36 +00:00
parent c2edb9a740
commit 678aa28ba1
4 changed files with 16 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/unsafe-pr-checkout-helper.ts
+3 -2
View File
@@ -75,8 +75,9 @@ export function assertSafePrCheckout(input: IUnsafePrCheckoutInput): void {
`Refusing to check out fork pull request code from a '${eventName}' workflow. ` +
`This workflow runs with the base repository's GITHUB_TOKEN, secrets, default-branch ` +
`cache scope, and runner access. Fetching fork's code in that trusted context is a ` +
`"pwn request" supply-chain attack pattern. To opt in after reviewing the risk, set ` +
`'allow-unsafe-pr-checkout: true' on the actions/checkout step.`
`"pwn request" supply-chain attack pattern. To opt in after reviewing the risks at ` +
`https://gh.io/allow-unsafe-pr-checkout, set 'allow-unsafe-pr-checkout: true' on the ` +
`actions/checkout step.`
)
}