Checkout v7
Safer fork pull request handling: checkout now refuses to check out fork pull request code by default when the workflow is triggered by pull_request_target or workflow_run. These triggers run with the base repository's GITHUB_TOKEN, secrets, and runner access, where executing a fork's code commonly leads to "pwn request" vulnerabilities.
To opt in after reviewing the risks, set the new allow-unsafe-pr-checkout: true input.
Le workflow .github/workflows/auto_changelog.yml ne fonctionne plus.
Checkout v7
Le workflow .github/workflows/auto_changelog.yml ne fonctionne plus.