mirror of
https://github.com/TryGhost/Ghost.git
synced 2025-03-11 02:12:21 -05:00
Pinned GH Action for migration PR workflow to a specific commit
no-issue - The workflow runs in the pull_request_target context which has access to repo secrets even when triggered from a fork - Pinned the GH Action to a specific version to guard against upstream changes to the Action which may abuse access to secrets
This commit is contained in:
Matt Hanley
parent
a68854c3bd
commit
1477d2712b
1 changed files with 1 additions and 1 deletions
2
.github/workflows/migration-review.yml
vendored
2
.github/workflows/migration-review.yml
vendored
|
|
@ -10,7 +10,7 @@ jobs:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
name: Create checklist comment
|
name: Create checklist comment
|
||||||
steps:
|
steps:
|
||||||
- uses: peter-evans/create-or-update-comment@v1
|
- uses: peter-evans/create-or-update-comment@85a7ce63456c26d56a5ea525941e3d89f9e6e20a
|
||||||
with:
|
with:
|
||||||
issue-number: ${{ github.event.pull_request.number }}
|
issue-number: ${{ github.event.pull_request.number }}
|
||||||
body: |
|
body: |
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue