Gitea 1.27.0
Hardened access checks and migration validation; Breaking change to reusable workflows in Actions
Read the full article3d agoen
You might also wanna read
The GitHub Actions Attack Pattern Your CI Security Scanners Miss
ActiveState explains how GitHub Actions attack chains can evade traditional CI security scanners, why passing a scan doesn't guarantee a sec
BleepingComputer·9d ago
GitHub introduces workflow execution protections to control who can trigger Actions
Workflow execution protections are now in public preview for GitHub Enterprise, organizations, and repositories. This new capability lets en
The case for GitHub Actions security after recent supply chain attacks
GitHub Actions workflows are vulnerable to pwn requests, script injection, and compromised credentials. Here's what's going wrong and what's
Datadog·1mo ago
Tightly control access to your Azure Repos
Snyk·7y ago
GitHub Actions' Package Manager Lacks Critical Security Features
GitHub Actions has a package manager that ignores decades of supply chain security best practices: no lockfile, no integrity verification, n
nesbitt.io·7mo ago
GitHub Actions workflows identified as common weak link in open source supply chain attacks
Anne Robinson would like a word with .github/workflows
Andrew Nesbitt·2mo ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.