alt Hacker NewsLong story short: they messed up the assign-reviewers.yml workflow, allowing external contributors to merge PRs without proper reviews. From this point on, you're fully open to all kinds of bad stuff.
Replies
vanschelven • yesterday at 10:19 PM
more so in case you actually do the "secrets on github with the right to do meaningful things"
➕ show 1 reply
Opener source software