# from: https://securitylab.github.com/resources/github-actions-preventing-pwn-requests/
# Copyright: 2021 Jaroslav Lobačevski
# License: Unknown, maybe fair use? Code comes from blog post.
# INSECURE. Provided as an example only.
on: pull_request_target
jobs:
build:
name: Build and test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
- uses: actions/setup-node@v1
- run: |
npm install
npm build
- uses: completely/fakeaction@v2
with:
arg1: ${{ secrets.supersecret }}
- uses: fakerepo/comment-on-pr@v1
with:
message: |
Thank you!