Fresh from @github.com: "Starting today, actions/checkout@v7 is GA and refuses common pwn requests"
pull_request_target is one of the most commonly misused triggers in GitHub Actions, leading to vulnerabilities in workflows. It runs with the base token and secrets! ⚠️
github.blog/changelog/20...
The pull_request_target event is one of the most commonly misused triggers in GitHub Actions, leading to vulnerabilities in workflows. Workflows triggered by pull_request_target run with the base repo...
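
An added example, not code from the post or from GitHub: a small audit script that flags the pattern usually called a pwn request, a `pull_request_target` workflow whose `actions/checkout` step fetches the pull request's own code while the base token and secrets are in scope. The function name, the list of untrusted expressions and the sample workflow are assumptions made for illustration; it is a line-based heuristic that expects `uses:` to come before `with:` in a step.

```python
import re

# Expressions that resolve to PR-author-controlled content (assumed, non-exhaustive).
UNTRUSTED = re.compile(r"github\.event\.pull_request\.head\.|github\.head_ref|refs/pull/")
TRIGGER = re.compile(r"^[^#]*\bpull_request_target\b")
CHECKOUT = re.compile(r"^\s*(?:-\s+)?uses:\s*actions/checkout@(\S+)")
INPUT = re.compile(r"^\s*(ref|repository):\s*(.+)$")


def find_untrusted_checkouts(workflow_text):
    """Return (line_no, version, input_name) for each actions/checkout step that
    fetches PR-controlled code in a workflow triggered by pull_request_target."""
    lines = workflow_text.splitlines()
    if not any(TRIGGER.search(l) for l in lines):
        return []  # trigger absent: this check does not apply
    findings = []
    for i, line in enumerate(lines):
        m = CHECKOUT.match(line)
        if not m:
            continue
        key_col = line.index("uses:")
        # Walk the rest of this step: lines indented at least as far as its keys.
        for follow in lines[i + 1:]:
            if follow.strip() and len(follow) - len(follow.lstrip()) < key_col:
                break  # next step, or the end of the steps list
            inp = INPUT.match(follow)
            if inp and UNTRUSTED.search(inp.group(2)):
                findings.append((i + 1, m.group(1), inp.group(1)))
    return findings


# Constructed sample workflow, not taken from the post or the changelog.
RISKY = """\
name: pr-build
on:
  pull_request_target:
    types: [opened, synchronize]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - run: npm ci && npm test
"""

if __name__ == "__main__":
    for line_no, version, name in find_untrusted_checkouts(RISKY):
        print(f"line {line_no}: checkout@{version} takes '{name}' from the pull request")
```

Run it over each file in `.github/workflows/` and review every hit by hand, since a flagged step may be intentional and isolated from secrets.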