zsp/everything-claude-code
1
0
Fork 0
mirror of https://github.com/affaan-m/everything-claude-code.git synced 2026-04-14 22:13:41 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: block unsafe privileged workflow checkouts

Browse Source
This commit is contained in:
Affaan Mustafa
2026-04-12 23:23:01 -07:00
parent a2ad68e7e6
commit 3792b69a38
4 changed files with 235 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/ci.yml vendored
View File

@@ -190,6 +190,10 @@ jobs:
run: node scripts/ci/validate-install-manifests.js
continue-on-error: false
- name: Validate workflow security
run: node scripts/ci/validate-workflow-security.js
continue-on-error: false
- name: Validate rules
run: node scripts/ci/validate-rules.js
continue-on-error: false

3
.github/workflows/reusable-validate.yml vendored
View File

@@ -42,6 +42,9 @@ jobs:
- name: Validate install manifests
run: node scripts/ci/validate-install-manifests.js
- name: Validate workflow security
run: node scripts/ci/validate-workflow-security.js
- name: Validate rules
run: node scripts/ci/validate-rules.js