-
|
Currently, GitHub Actions require explicit approval from maintainers before they can run on external pull requests. This creates unnecessary friction for contributors who want to share their PRs, as they have to wait for someone with permissions to approve the action execution each time. This delay can slow down the development process and make it less efficient for contributors. Can we enable actions to run automatically for pull requests? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
Hello, Sorry, we cannot approve of your request for security reasons. The security policy on GitHub Actions prevents possible attacks such as arbitrary code execution, including ones that could target organization secrets or consume CI minutes for malevolent purposes. Our team is reviewing PRs before launching CI executions. Just because someone is a contributor doesn't mean they won't become malevolent in the future, it is indeed a common tactic.
Running the CI tests locally is good practice that will make it more certain that your code contribution will pass and shorten review time (maintainers don't approve a PR that doesn't pass)
|
Beta Was this translation helpful? Give feedback.
Hello,
Sorry, we cannot approve of your request for security reasons.
The security policy on GitHub Actions prevents possible attacks such as arbitrary code execution, including ones that could target organization secrets or consume CI minutes for malevolent purposes.
Our team is reviewing PRs before launching CI executions.
Just because someone is a contributor doesn't mean they won't become malevolent in the future, it is indeed a common tactic.
Running the CI tests locally is good practice that will make it more certain that your code contribution will pass and shorten review time (maintaine…