mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-25 03:44:29 +03:00
Pinned GH Action for migration PR workflow to a specific commit
no-issue - The workflow runs in the pull_request_target context which has access to repo secrets even when triggered from a fork - Pinned the GH Action to a specific version to guard against upstream changes to the Action which may abuse access to secrets
This commit is contained in:
parent
a68854c3bd
commit
1477d2712b
2
.github/workflows/migration-review.yml
vendored
2
.github/workflows/migration-review.yml
vendored
@ -10,7 +10,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
name: Create checklist comment
|
||||
steps:
|
||||
- uses: peter-evans/create-or-update-comment@v1
|
||||
- uses: peter-evans/create-or-update-comment@85a7ce63456c26d56a5ea525941e3d89f9e6e20a
|
||||
with:
|
||||
issue-number: ${{ github.event.pull_request.number }}
|
||||
body: |
|
||||
|
Loading…
Reference in New Issue
Block a user