actions/checkout
1
0
Fork 0
mirror of https://github.com/actions/checkout.git synced 2026-06-16 13:18:41 +07:00
Code Issues Packages Projects Releases Wiki Activity

update description and url again

Browse Source
This commit is contained in:
Aiqiao Yan
2026-06-15 21:07:44 +00:00
parent cb140b4908
commit baaeba4a5e
4 changed files with 14 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
action.yml
+3 -3
View File
@@ -103,9 +103,9 @@ inputs:
Required to check out fork pull request code from a workflow triggered by
`pull_request_target` or `workflow_run`. These workflows run with the
base repository's GITHUB_TOKEN, secrets, default-branch cache scope, and
runner access; fetching a fork's code in that trusted context is a
"pwn request" supply-chain attack pattern. Set to `true` only after
reviewing the risks at https://gh.io/allow-unsafe-pr-checkout.
runner access; fetching and executing a fork's code in that trusted
context commonly leads to "pwn request" vulnerabilities. Set to `true`
only after reviewing the risks at https://gh.io/securely-using-pull-request-checkout.
default: false
outputs:
ref: