Fix/bind addr ipv6 fallback #16
Triggered via pull request
July 6, 2026 05:45
pinguinfuss
opened
#219
Status
Failure
Total duration
9s
Artifacts
–
permissions.yml
on: pull_request_target
permission_check
/
permission_check
5s
Annotations
1 error
|
permission_check / permission_check
Refusing to check out fork pull request code from a 'pull_request_target' workflow. This workflow runs with the base repository's GITHUB_TOKEN, secrets, default-branch cache scope, and runner access. Fetching and executing a fork's code in that trusted context commonly leads to "pwn request" vulnerabilities. To opt in, review the risks at https://gh.io/securely-using-pull_request_target and set 'allow-unsafe-pr-checkout: true' on the actions/checkout step.
|