mirror of
https://github.com/actualbudget/actual.git
synced 2026-03-11 20:44:32 -05:00
d008944022
* Remove the trafico pr review triggers - We loose triggers for Approved and Changes Requested - They weren't working on forks anyways * Add release note
37 lines
1.4 KiB
YAML
37 lines
1.4 KiB
YAML
##########################################################################################
|
|
# WARNING! This workflow uses the 'pull_request_target' event. That mans that it will #
|
|
# always run in the context of the main actualbudget/actual repo, even if the PR is from #
|
|
# a fork. This is necessary to get access to a GitHub token that can modify the PR. #
|
|
# Be VERY CAREFUL about adding things to this workflow, since forks can inject #
|
|
# arbitrary code into their branch, and can pollute the artifacts we download. Arbitrary #
|
|
# code execution in this workflow could lead to a compromise of the main repo. #
|
|
##########################################################################################
|
|
# See: https://securitylab.github.com/research/github-actions-preventing-pwn-requests #
|
|
##########################################################################################
|
|
|
|
name: Trafico Reviews
|
|
|
|
on:
|
|
pull_request_target:
|
|
types:
|
|
- opened
|
|
- closed
|
|
- reopened
|
|
- synchronize
|
|
- edited
|
|
- review_requested
|
|
- review_request_removed
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
manage-review:
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
pull-requests: write
|
|
steps:
|
|
- uses: actualbudget/trafico@main
|
|
with:
|
|
github-token: ${{ secrets.GITHUB_TOKEN }} |