0
0
Fork 0
mirror of https://codeberg.org/forgejo/docs.git synced 2024-11-30 19:03:43 -05:00

user: actions: on.pull_request_target workflows are not moderated

(cherry picked from commit 1f7a005627)
This commit is contained in:
Earl Warren 2023-09-28 18:20:16 +02:00 committed by Earl Warren
parent ab3dc4d639
commit 334a5305c3

View file

@ -188,16 +188,21 @@ A `workflow` can be disabled (or enabled) by selecting it and using the three do
![disabling a workflow](../_images/user/actions/actions-disable.png)
## Pull request actions are moderated
## Pull request workflows are moderated
The first time a user proposes a pull request, the task is blocked to reduce the security risks.
The first time a user proposes a pull request, the `on.pull_request`
workflows are blocked.
![blocked action](../_images/user/actions/action-blocked.png)
It can be approved by a maintainer of the project and there will be no need to unblock future pull requests.
They can be approved by a maintainer of the project and there will be
no need to unblock future pull requests.
![button to approve an action](../_images/user/actions/action-approve.png)
The `on.pull_request_target` workflows are not subject to the same
restriction and will always run.
## Secrets
A repository, a user or an organization can hold secrets, a set of key/value pairs that are stored encrypted in the `Forgejo` database and revealed to the `workflows` as `${{ secrets.KEY }}`. They can be defined from the web interface: