Never heard of pull_request_target before today and I think I’m with him, I don’t know what I would possibly use it for that would justify the risk of unreviewed code getting access to build environments. Seems bananas.
Never heard of pull_request_target before today and I think I’m with him, I don’t know what I would possibly use it for that would justify the risk of unreviewed code getting access to build environments. Seems bananas.
It was bound to happen, as github actions are mess.
Im just happy that AI bros got hit this time, instead of something important.