Only generate a checkout token on private repositories#18
Merged
Conversation
We don't need submodules to run versionist so we can save time and skip this. CHange-type: patch Signed-off-by: Kyle Harding <kyle@balena.io>
Unfortunately artifact download on self-hosted runners is very slow compared to git checkouts, so after some use in production we decided to roll back this change. Still we can use a dedicated token for the checkout step with fixed permissions. Change-type: minor Signed-off-by: Kyle Harding <kyle@balena.io>
Public repositories should use the automatic github.token. Change-type: patch Signed-off-by: Kyle Harding <kyle@balena.io>
This rule is now duplicated by CodeQL actions/untrusted-checkout/high Change-type: patch Signed-off-by: Kyle Harding <kyle@balena.io>
Signed-off-by: Kyle Harding <kyle@balena.io>
klutchell
force-pushed
the
kyle/fix-fetch-depth
branch
from
146bf3d to
8e375f9
Compare
klutchell
force-pushed
the
kyle/fix-fetch-depth
branch
from
8e375f9 to
d43f91f
Compare
Collaborator
Author
|
I self-certify! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Manual testing of product-os#1505