Change action to address forks #659

Merged
merged 23 commits into from
Sep 3, 2021

@lzchen (Contributor) commented Sep 2, 2021

No description provided.

@lzchen lzchen requested a review from a team as a code owner September 2, 2021 22:40
@lzchen lzchen added the Skip Changelog PRs that do not require a CHANGELOG.md entry label Sep 3, 2021
@NathanielRN (Contributor) left a comment

Nice! I guess we do have to be careful running code from forks in this workflow from now on, based on GitHub's warning for this event:

Warning: The pull_request_target event is granted a read/write repository token and can access secrets, even when it is triggered from a fork. Although the workflow runs in the context of the base of the pull request, you should make sure that you do not check out, build, or run untrusted code from the pull request with this event. Additionally, any caches share the same scope as the base branch, and to help prevent cache poisoning, you should not save the cache if there is a possibility that the cache contents were altered. For more information, see "Keeping your GitHub Actions and workflows secure: Preventing pwn requests" on the GitHub Security Lab website.
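The two conditions named in the warning quoted above can be checked mechanically. The following Python lint is an added example, not code from this pull request or its repository; the sample workflows, the `scripts/check_owners.py` path and the finding labels are constructed for illustration.

```python
import re
# Constructed sample workflows for illustration (not taken from the PR).
RISKY = """\
on: pull_request_target
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - uses: actions/cache@v2
        with:
          path: ~/.cache/pip
          key: pip
      - run: pip install -e . && pytest
"""
SAFE = """\
on:
  pull_request_target:
jobs:
  label:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2   # no ref: checks out the base branch
      - run: python scripts/check_owners.py   # hypothetical base-branch script
"""

# Trigger written as "on: pull_request_target", a list item, or a mapping key.
TRIGGER = re.compile(
    r"^\s*(on:.*\bpull_request_target\b|-\s*pull_request_target\b|pull_request_target\s*:)", re.M)
# A checkout "ref:" that resolves to the pull request's head instead of the base.
PR_HEAD_REF = re.compile(
    r"^\s*ref:.*(github\.event\.pull_request\.head\.|github\.head_ref|refs/pull/)")
CACHE_STEP = re.compile(r"^\s*-?\s*uses:\s*actions/cache@")

def audit(workflow_text):
    """Return (line_number, finding) pairs for a pull_request_target workflow."""
    if not TRIGGER.search(workflow_text):
        return []  # this check only covers the pull_request_target event
    findings = []
    for number, line in enumerate(workflow_text.splitlines(), 1):
        if PR_HEAD_REF.match(line):
            findings.append((number, "pr-head-checkout"))  # untrusted code checked out
        if CACHE_STEP.match(line):
            findings.append((number, "shared-cache"))  # cache scope shared with base
    return findings

if __name__ == "__main__":
    print(audit(RISKY), audit(SAFE))
```

The check is line-based and heuristic: it does not parse YAML, so a finding is a prompt for manual review of the workflow rather than a verdict.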

@lzchen (Contributor, Author) commented Sep 3, 2021

@NathanielRN

Right, we should be providing our utmost attention to security flaws when reviewing PRs anyways =p

@lzchen lzchen merged commit 0e5853b into open-telemetry:main Sep 3, 2021
@lzchen lzchen deleted the owner branch September 3, 2021 17:16