cicd/checkout
1
0
Fork 0
mirror of https://github.com/actions/checkout.git synced 2026-06-16 13:36:11 +03:00
Code Issues Packages Projects Releases Wiki Activity

update description and url again

Browse Source
This commit is contained in:
Aiqiao Yan
2026-06-15 21:07:44 +00:00
parent cb140b4908
commit baaeba4a5e
4 changed files with 14 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
dist/index.js
Vendored
+4 -4
View File
@@ -2832,10 +2832,10 @@ function assertSafePrCheckout(input) {
}
throw new Error(`Refusing to check out fork pull request code from a '${eventName}' workflow. ` +
`This workflow runs with the base repository's GITHUB_TOKEN, secrets, default-branch ` +
`cache scope, and runner access. Fetching fork's code in that trusted context is a ` +
`"pwn request" supply-chain attack pattern. To opt in after reviewing the risks at ` +
`https://gh.io/allow-unsafe-pr-checkout, set 'allow-unsafe-pr-checkout: true' on the ` +
`actions/checkout step.`);
`cache scope, and runner access. Fetching and executing a fork's code in that trusted ` +
`context commonly leads to "pwn request" vulnerabilities. To opt in after reviewing ` +
`the risks at https://gh.io/securely-using-pull-request-checkout, set ` +
`'allow-unsafe-pr-checkout: true' on the actions/checkout step.`);
}
function pushIfSha(target, value) {
if (typeof value === 'string' && value.length > 0) {