Back to emschwartz's feed
🔄GitHub Actionsgithub.blogContent type: BlogContent type: Tutorial

Safer pull_request_target defaults for GitHub Actions checkout (opens in new tab)

Covers 2 stories See all stories this covers including Keeping your GitHub Actions and workflows secure: Preventing pwn requests (2021)Covered by Andrew Nesbitt

The pull_request_target event is one of the most commonly misused triggers in GitHub Actions, leading to vulnerabilities in workflows. Workflows triggered by pull_request_target run with the base repository’s GITHUB_TOKEN, secrets,… The post appeared first on .

Read the original article
Sign in to keep reading the full article.
Sign UpLog In

Covered in 1 article

Andrew Nesbitt·

This Week in Package Management: 20 June 2026

Feeds

Keyboard Shortcuts

Navigation

Next / previous post
j/k
Open post
oorEnter
Preview post
v

Post Actions

Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s

Recommendations

Add interest / feed
Enter
Not interested
x

Go to

Home
gh
Interests
gi
Feeds
gf
Likes
gl
History
gy
Changelog
gc
Settings
gs
Discover
gb
Search
/

General

Show this help
?
Submit feedback
!
Close modal / unfocus
Esc

Press ? anytime to show this help