DevOps | GitHub
GitHub Actions & Security: Best practices Rob Bos 06 Feb, 2021
Rob dove into GitHub Actions and noticed everyone stopped mentioning the best practise of forking the Action’s repository for security (and availability) reasons. In the current IT environment this is very insecure and should not be common practice.
Read this post to find out how to implement this best practice and level up your security stance on using GitHub Actions. You’ll also find a way to automatically keep your forks up to date, while giving you the opportunity to review the incoming changes before you merge them in!