personal_interest_mirrors/nebula
1
0
Fork 0
mirror of https://github.com/slackhq/nebula.git synced 2026-05-16 04:47:38 +02:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

gh workflow release: protect from ref_name attack (#1650)
Some checks failed
gofmt / Run gofmt (push) Failing after 4s
Details
smoke-extra / Run extra smoke tests (push) Failing after 3s
Details
smoke / Run multi node smoke test (push) Failing after 3s
Details
Build and test / Build all and test on ubuntu-linux (push) Failing after 2s
Details
Build and test / Build and test on linux with boringcrypto (push) Failing after 3s
Details
Build and test / Build and test on linux with pkcs11 (push) Failing after 2s
Details
Build and test / Build and test on macos-latest (push) Has been cancelled
Details
Build and test / Build and test on windows-latest (push) Has been cancelled
Details

Browse Source 
It is not likely, but better to be safe.
This commit is contained in:
Jay R. Wren
2026-04-06 12:24:28 -04:00
committed by GitHub
parent f8587956ba
commit 6727113b2b
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.github/workflows/release.yml vendored
View File

@@ -209,10 +209,11 @@ jobs:
id: create_release id: create_release
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_REF_NAME: ${{ github.ref_name }}
run: | run: |
cd artifacts cd artifacts
gh release create \ gh release create \
--verify-tag \ --verify-tag \
--title "Release ${{ github.ref_name }}" \ --title "Release ${GITHUB_REF_NAME}" \
"${{ github.ref_name }}" \ "${GITHUB_REF_NAME}" \
SHASUM256.txt *-latest/*.zip *-latest/*.tar.gz SHASUM256.txt *-latest/*.zip *-latest/*.tar.gz