How does GitHub handle pull requests from forked repositories in terms of Actions security?

GitHub — Hard

Key points

  • Fork PRs have restricted workflow permissions
  • Read-only GITHUB_TOKEN prevents secret access
  • pull_request_target event requires careful use
  • Base repository context has full access
