CI still checks out the PR branch and runs the scripts within, doesn't it?

Ahh, yes, in fact thats what Github were warning about, by default the action can do anything, so what CI can do should be restricted (by the Geany security expert team ;-) and then we are back to the original position where normal people can't modify CI, sigh, I hate security issues.


Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.Message ID: <geany/geany/pull/3568/c1746357503@github.com>