Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
ericlewis
on Dec 20, 2019
|
parent
|
context
|
favorite
| on:
Use GitHub actions at your own risk
couldn't a malicious docker image also be tooled to dump all of that stuff to an external destination?
reilly3000
on Dec 20, 2019
[–]
Absolutely. CI systems tend to get broad access to everything sacred. Giving that level of access to community code is risky in the least.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
