Skip to content

Commit

Permalink
Add extra security via validating PR source branch
Browse files Browse the repository at this point in the history
  • Loading branch information
@StrangeRanger
StrangeRanger committed Nov 27, 2024
1 parent ad6fc1f commit 04f4905
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions .github/workflows/update-submodule-files.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,13 @@ jobs:
ref: ${{ github.event.pull_request.head.sha }}
submodules: true

- name: Validate PR source branch
run: |
if [[ ${{ github.event.pull_request.head.repo.full_name }} != '${{ github.repository }}' ]]; then
echo "Untrusted repository detected! Exiting.";
exit 1;
fi
- name: Import GPG key
uses: crazy-max/ghaction-import-gpg@v6
with:
Expand Down

0 comments on commit 04f4905

Please sign in to comment.