Run compressed-size on pull_request_target #10707
Conversation
|
If I understand it correct this will make it that if I make branch X and open a PR against master it will run the size limit against branch X in the PR and not against the current changes of X in master already? |
|
I think it should use the PR code, just the action is taken from master. (so you can not use the action with elevated rights to hijack the repo using a PR) |
There was a problem hiding this comment.
Yeah I also read that in the docs, thats why I thought it would run against only the PR.
Downside is that it might work in the PR but than fail in the repo. In this case @stockiNail PR would pass the size limit as I understand it correctly but then fail in master since my PR was also in there.
But security is more important so if this issue starts to arrise we will need to give it a look then or throw a PR after it that increases the size limit 👍🏻
|
Dejavu #8440 Nothing noted why it was reverted, but I'm guessing its just what @LeeLenaleee said, checking the wrong code for size. |
|
What was the reason then for the revert? |
|
Closing as this would not work as expected or if tweaked to checkout the PR code, it would be unsafe. |
This should enable it to comment, because the version already in master will be executed.
https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target