FYI: Using the action like in the example would make you vulnerable to pwn requests #29316
Unanswered
ST-DDT
asked this question in
Q&A / Help
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
The current run-nothing example is safe, but running anything in there that uses the source code is dangerous as it uses elevated permissions.
I'll recommend removing the example or raising awareness by adding a comment.
superset/.github/workflows/labeler.yml
Lines 20 to 21 in 6378ec5
Beta Was this translation helpful? Give feedback.
All reactions