From b65166c3f4ca44f261d1e5408ec4b8a6fef67154 Mon Sep 17 00:00:00 2001 From: izefoea-test1 <1275182375@qq.com> Date: Thu, 24 Apr 2025 17:11:06 +0800 Subject: [PATCH 1/3] Update run.sh --- run.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/run.sh b/run.sh index 5c4e2b252d60..547b8d59a56f 100644 --- a/run.sh +++ b/run.sh @@ -1,2 +1,2 @@ #!/bin/bash -echo "✅ This is the original script from BASE repo." +echo "🚨 This is a MALICIOUS script from FORK repo!" From 8e556da642629d03527bb69187cea17579fa17a3 Mon Sep 17 00:00:00 2001 From: izefoea-test1 <1275182375@qq.com> Date: Thu, 24 Apr 2025 21:08:09 +0800 Subject: [PATCH 2/3] Create test-fork-pr.yml --- .github/workflows/test-fork-pr.yml | 40 ++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 .github/workflows/test-fork-pr.yml diff --git a/.github/workflows/test-fork-pr.yml b/.github/workflows/test-fork-pr.yml new file mode 100644 index 000000000000..00e3159f5895 --- /dev/null +++ b/.github/workflows/test-fork-pr.yml @@ -0,0 +1,40 @@ +name: 测试 Fork 中新增 Workflow 是否马上执行 + +# 只在 PR 提交到 base 仓库时触发 +on: + pull_request: + types: + - opened + - synchronize + - reopened + +permissions: + # 只读内容即可,足够上传 artifact + contents: read + +jobs: + proof_execution: + runs-on: ubuntu-latest + + steps: + - name: 打印 GitHub 运行上下文 + run: | + echo "工作流名称:${{ github.workflow }}" + echo "事件类型:${{ github.event_name }}" + echo "PR 来源仓库:${{ github.event.pull_request.head.repo.full_name }}" + echo "PR 来源分支:${{ github.event.pull_request.head.ref }}" + + - name: 列出 .github/workflows 目录 + run: | + echo "当前工作区下的 workflows:" + ls -R .github/workflows + + - name: 生成执行凭证文件 + run: | + echo "✅ Workflow 在 $(date) 被执行" > proof-of-execution.txt + + - name: 上传执行凭证(artifact) + uses: actions/upload-artifact@v3 + with: + name: proof-of-execution + path: proof-of-execution.txt From 92c51c99bef978eb4673bce9211d818b91b0c4a0 Mon Sep 17 00:00:00 2001 From: izefoea-test1 <1275182375@qq.com> Date: Sun, 11 May 2025 18:14:44 +0800 Subject: [PATCH 3/3] Update test-fork-pr.yml --- .github/workflows/test-fork-pr.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/test-fork-pr.yml b/.github/workflows/test-fork-pr.yml index 00e3159f5895..864aac875ba9 100644 --- a/.github/workflows/test-fork-pr.yml +++ b/.github/workflows/test-fork-pr.yml @@ -9,7 +9,6 @@ on: - reopened permissions: - # 只读内容即可,足够上传 artifact contents: read jobs: