feat: add workflow to give CI request for review #22
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
CodeChenL
commented
Jun 17, 2024
CodeChenL
commented
- closed 添加workflow来给CI request for review #18
RadxaYuntian
requested changes
Jun 17, 2024
|
是不是需要你改一下权限设置 |
|
rsdk/.github/workflows/dependabot.yaml Lines 4 to 6 in 0a13e06 |
|
应该需要用pull_request_target才有write权限 |
|
又看了下,pull_request_target应该还是安全的 |
|
换成pull_request_target,现在为什么reopened触发不了呢 |
|
pull_request_target checkout 的是我们仓库的head,这样才可以避免执行非安全代码,而在我们的head是并没有这个文件的 |
|
已通过 CodeChenL#2 验证 |
RadxaYuntian
requested changes
Jun 17, 2024
RadxaYuntian
approved these changes
Jun 17, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.