jprdonnelly/docs
1
0
Fork 0
mirror of synced 2026-01-08 03:01:54 -05:00
Code Issues Projects Releases Wiki Activity

Updating warning for clarity on risk case (#31490)

Browse Source 
Co-authored-by: Sophie <29382425+sophietheking@users.noreply.github.com>
Co-authored-by: Sophie <sophietheking@github.com>
This commit is contained in:
Ben De St Paer-Gotch
2022-10-13 14:21:20 +01:00
committed by GitHub
parent 6d94a72d37
commit 88dc75172e
1 changed files with 1 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
data/reusables/actions/hosted-runner-security.md
View File

@@ -1,3 +1 @@
We recommend that you only use {% data variables.actions.hosted_runner %}s with private repositories:
- Forks of your repository can potentially run dangerous code on your {% data variables.actions.hosted_runner %} by creating a pull request that executes the code in a workflow.
- You could incur unexpected costs if you allow forked repositories to run jobs on your {% data variables.actions.hosted_runner %}s.
If you are using a Fixed IP range, we recommend that you only use {% data variables.actions.hosted_runner %}s with private repositories. Forks of your repository can potentially run dangerous code on your {% data variables.actions.hosted_runner %} by creating a pull request that executes the code in a workflow.