Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
elaborate on force clean checkouts #397
Its not clear to me why building a commit from an untrusted source would be insecure when reusing a previous checkout.
Being able to place code into that directory, which might carefully take into account
The ultimately "clean build" is an entire VM for each job, with no shared checkout cache. But we've included this instruction for people wanting to run third-party PRs from the other direction… starting with the standard agent setup.
I hope that clarifies things!