XComp opened a new pull request, #24607: URL: https://github.com/apache/flink/pull/24607
## What is the purpose of the change According to Apache Infra's [GitHub Action Policy|(https://infra.apache.org/github-actions-policy.html) we are allowed to use any action that is under `apache/`, `github/` and `actions` aside from the custom actions within the repository. Any other external action should be pinned and the corresponding code being reviewed to identify any malicious code. ## Brief change log * Identified `burnett01/rsync-deployments` as the only external action that need to be pinned * Reviewed code (see commit message) * Pinned action * Adds comment to remind contributors that `pull_request_target` is never meant to be used as a trigger to comply to Apache Infra * Upgraded checkout action to `v4` ## Verifying this change This change is a trivial rework / code cleanup without any test coverage. ## Does this pull request potentially affect one of the following parts: - Dependencies (does it add or upgrade a dependency): no - The public API, i.e., is any changed class annotated with `@Public(Evolving)`: no - The serializers: no - The runtime per-record code paths (performance sensitive): no - Anything that affects deployment or recovery: JobManager (and its components), Checkpointing, Kubernetes/Yarn, ZooKeeper: no - The S3 file system connector: no ## Documentation - Does this pull request introduce a new feature? no - If yes, how is the feature documented? not applicable -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@flink.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org