-
Notifications
You must be signed in to change notification settings - Fork 651
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[CI] Don't persist git credentials in CI
# Motivation https://yossarian.net/til/post/actions-checkout-can-leak-github-credentials shows a common way to leak git credentials in CI. While we are not publishing artifacts right now, we can harden our security here by disabling the persistence of git credentials as much as possible. # Modification Don't persist git credentials when not needed. # Result Less likely to leak credentials
- Loading branch information
1 parent
a4e0a13
commit f2d0556
Showing
4 changed files
with
19 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters