diff options
author | pennae <82953136+pennae@users.noreply.github.com> | 2023-03-18 13:16:10 +0100 |
---|---|---|
committer | pennae <82953136+pennae@users.noreply.github.com> | 2023-03-19 22:45:33 +0100 |
commit | 2daba98981f9320de1be3a10d9bf37c0b77094e3 (patch) | |
tree | 31f9b90216d90d5c6ac2d674770f4492f9edb4bd /.github | |
parent | 42abb58ab30f7e19a615952322bc4e7cb5aa1bdb (diff) |
workflows: check maintainers sortedness on pull_request_target
`pull_request` workflows need approval to run, `pull_request_target` does not. this one isn't particularly vulnerable and doesn't take long to run, so we may as well run it without approval.
Diffstat (limited to '.github')
-rw-r--r-- | .github/workflows/check-maintainers-sorted.yaml | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/.github/workflows/check-maintainers-sorted.yaml b/.github/workflows/check-maintainers-sorted.yaml index 73987f9b91682..2c2473250d820 100644 --- a/.github/workflows/check-maintainers-sorted.yaml +++ b/.github/workflows/check-maintainers-sorted.yaml @@ -1,7 +1,7 @@ name: "Check that maintainer list is sorted" on: - pull_request: + pull_request_target: paths: - 'maintainers/maintainer-list.nix' permissions: @@ -13,6 +13,9 @@ jobs: if: github.repository_owner == 'NixOS' steps: - uses: actions/checkout@v3 + with: + # pull_request_target checks out the base branch by default + ref: refs/pull/${{ github.event.pull_request.number }}/merge - uses: cachix/install-nix-action@v19 with: # explicitly enable sandbox |