Public secrets exposure leads to supply chain attack on GitHub CodeQL
(www.praetorian.com)
297 points | cyberbender | 1 comment | 30 Mar 25 19:54 UTC
1. udev4096 [31 Mar 25 05:19 UTC] No. 43531366 >>43527044 (OP)
Using public GitHub Actions is just asking for trouble, and more so without analyzing the workflow's procedure. Instead, just host one yourself using Woodpecker or countless other great CI builders (Circle, Travis, GitLab, etc.).