block checking out fork pr for pull_request_target and workflow_run (#2454)

* block checking out fork pr for some events * address copilot and reviewer feedback * run prettier formatting * build * update urls * update readme * update description and url again * edit url one more time
2026-06-26 14:48:49 +00:00 · 2026-06-16 10:03:43 -04:00 · 2026-06-16 10:03:43 -04:00 · f9e715a95f
commit f9e715a95f
parent df4cb1c069
10 changed files with 509 additions and 2 deletions
--- a/action.yml
+++ b/action.yml
@ -98,6 +98,15 @@ inputs:
  github-server-url:
    description: The base URL for the GitHub instance that you are trying to clone from, will use environment defaults to fetch from the same instance that the workflow is running from unless specified. Example URLs are https://github.com or https://my-ghes-server.example.com
    required: false
+  allow-unsafe-pr-checkout:
+    description: >
+      Required to check out fork pull request code from a workflow triggered by
+      `pull_request_target` or `workflow_run`. These workflows run with the
+      base repository's GITHUB_TOKEN, secrets, default-branch cache scope, and
+      runner access; fetching and executing a fork's code in that trusted
+      context commonly leads to "pwn request" vulnerabilities. Set to `true`
+      only after reviewing the risks at https://gh.io/securely-using-pull_request_target.
+    default: false
 outputs:
  ref:
    description: 'The branch, tag or SHA that was checked out'