squakez commented on issue #4024: URL: https://github.com/apache/camel-k/issues/4024#issuecomment-1415383474
> Back to the GitHub URL feature, don't you believe that losing control of what is built, could allow the execution of malicious code at build time that could, for example, use the K8s API to collect sensitive data especially if the build is made from the operator's pod? I'm not particularly worried, consider any pipeline tool (ie Tekton), they have tasks to pull from git and build accordingly. At some point we may even think to integrate them from any given pipeline technology. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
