Y
Hacker News
new
|
ask
|
show
|
jobs
by
stasge
462 days ago
While I agree that GitHub Actions could be more "secure and safe" by default most gaps are easy enough to fill. With
https://github.com/marketplace/actions/check-actions
you can ensure timeouts, permissions and version pinning. With
https://registry.terraform.io/modules/giner/repo/github
you can manage all repos together with workflows.