by throwaway889900 372 days ago
Not only can you yourself manually check out a specific repo, but if you have submodules and do a recursive checkout, it's also possible to pull in other security nightmares from places you never expected now. That would be one complicated attack to pull off though, chain of compromised workflows haha
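
An added example, not part of the comment above: a defender-side check that lists what a recursive checkout would fetch by parsing `.gitmodules` and flagging submodule URLs that fall outside an allowlist. The sample file, the organisation names and the allowlist are constructed assumptions.

```python
import re
from urllib.parse import urlparse

# Constructed sample .gitmodules; every name and URL here is made up.
SAMPLE_GITMODULES = """\
[submodule "vendor/libfoo"]
	path = vendor/libfoo
	url = https://github.com/example-org/libfoo.git
[submodule "tools/helper"]
	path = tools/helper
	url = git://git.example.net/helper.git
[submodule "docs/theme"]
	path = docs/theme
	url = ../theme.git
[submodule "third_party/bar"]
	path = third_party/bar
	url = https://github.com/someone-else/bar.git
"""
# Assumption: the only source you trust for submodules.
ALLOWED_PREFIXES = ("https://github.com/example-org/",)
SECTION = re.compile(r'^\[submodule "(?P<name>[^"]+)"\]$')
SETTING = re.compile(r'^(?P<key>[A-Za-z][\w-]*)\s*=\s*(?P<value>.*)$')

def parse_gitmodules(text):
    # Returns {submodule name: {key: value}}; comment lines match neither regex.
    modules, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        section = SECTION.match(line)
        setting = SETTING.match(line)
        if section:
            current = modules.setdefault(section["name"], {})
        elif setting and current is not None:
            current[setting["key"].lower()] = setting["value"].strip()
    return modules

def audit(text, allowed=ALLOWED_PREFIXES):
    # Returns (name, url, reason) for each submodule a reviewer should look at.
    findings = []
    for name, cfg in parse_gitmodules(text).items():
        url = cfg.get("url", "")
        if url.startswith(("./", "../")):
            findings.append((name, url, "relative URL, resolved against the parent's remote"))
        elif urlparse(url).scheme != "https":
            findings.append((name, url, "not fetched over https"))
        elif not url.startswith(allowed):
            findings.append((name, url, "outside the allowlist"))
    return findings
```

Running `audit()` on the `.gitmodules` of each repository a pipeline checks out, before enabling recursive checkout, shows which nested sources would be pulled in.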