By default pull requests my new contributors require approval from someone with write-access to the repo before running actions.
These repos have specifically decided to change a setting to make them not require approval for anyone. The UI to change that setting explicitly warns you about exactly this attack, so this “article” feels like a non-item trying to farm engagement.
By default pull requests my new contributors require approval from someone with write-access to the repo before running actions.
These repos have specifically decided to change a setting to make them not require approval for anyone. The UI to change that setting explicitly warns you about exactly this attack, so this “article” feels like a non-item trying to farm engagement.