[llvm] Reapply [workflows] Split pr-code-format into two parts to make it more secure (#78215) (PR #80495)
Aiden Grossman via llvm-commits
llvm-commits at lists.llvm.org
Tue Apr 2 00:35:08 PDT 2024
================
@@ -31,12 +28,13 @@ jobs:
separator: ","
skip_initial_fetch: true
- # We need to make sure that we aren't executing/using any code from the
- # PR for security reasons as we're using pull_request_target. Checkout
- # the target branch with the necessary files.
+ # We need to pull the script from the main branch, so that we ensure
+ # we get the latest version of this script.
- name: Fetch code formatting utils
uses: actions/checkout at v4
with:
+ reository: ${{ github.repository }}
----------------
boomanaiden154 wrote:
f6c87be1dd24a121d7eccd6b91ca808ecdf80356
Thanks for pointing this out!
https://github.com/llvm/llvm-project/pull/80495
More information about the llvm-commits
mailing list