Ma77Ball commented on issue #4290: URL: https://github.com/apache/texera/issues/4290#issuecomment-4403739978
I don't think we should remove this discussion. I think this might be good to table or keep here until we have a larger test suite that actually pushes us toward the resource limits (or requires some keys to be shared in the workflow).

One concern about Option 1 worth flagging regardless of which way we go: bad actors don't always show their hand on the first PR. Someone can land a few benign contributions to get past the first-time-contributor gate, then submit something problematic later. xz is the well-known example, but the pattern is general: trust earned on small PRs being spent on a later one. It ties back to #4279, which is my original idea about only blocking auto PR runs that touch the CI.

Two concrete guardrails I'd want either way:

1. A CODEOWNERS entry on `.github/workflows/**` so workflow changes need committer review even from auto-approved contributors.
2. A header comment in each workflow file noting that secrets and tokens must never be added to anything reachable from a fork PR, to keep future edits ASF-compliant and the auto-approval model safe.

-- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment.
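The second guardrail above is a policy statement; a header comment cannot enforce it. The check below is an added example, not code from the Texera project or from the commenter, showing how the rule "nothing reachable from a fork PR may touch secrets" can be enforced mechanically over a workflow file. It treats `pull_request_target` as the trigger under which a fork PR can start a run that carries repository secrets, and flags two patterns in such workflows: an `actions/checkout` step that checks out the PR head (so fork-controlled code executes with secrets), and any step whose strings reference `secrets.`. The two workflow documents are constructed for the example; the trigger list and the head-ref pattern are assumptions a repository could tune. It uses only Ruby's standard-library YAML parser.

```ruby
require 'yaml'

# Assumption: these triggers run in the base-repo context (secrets and a
# write-capable GITHUB_TOKEN available) yet can be started by a fork PR.
PRIVILEGED_PR_TRIGGERS = %w[pull_request_target].freeze

# Expressions that resolve to the PR author's code rather than the base branch.
HEAD_REF_PATTERN = /github\.event\.pull_request\.head|github\.head_ref/

def workflow_triggers(wf)
  # Psych follows YAML 1.1, so a bare `on:` key is parsed as the boolean true.
  on = wf['on'] || wf[true]
  case on
  when String then [on]
  when Array  then on.map(&:to_s)
  when Hash   then on.keys.map(&:to_s)
  else []
  end
end

# Yield every leaf string in a nested YAML structure.
def each_string(node, &blk)
  case node
  when String then yield node
  when Hash   then node.each_value { |v| each_string(v, &blk) }
  when Array  then node.each { |v| each_string(v, &blk) }
  end
end

def mentions_secret?(step)
  found = false
  each_string(step) { |s| found ||= s.include?('secrets.') }
  found
end

def checks_out_pr_head?(step)
  return false unless step['uses'].to_s.start_with?('actions/checkout')
  ref = step.dig('with', 'ref').to_s
  !!(ref =~ HEAD_REF_PATTERN)
end

# Returns an array of findings (strings); empty means nothing flagged.
def audit_workflow(yaml_text)
  wf = YAML.safe_load(yaml_text)
  findings = []
  privileged = workflow_triggers(wf) & PRIVILEGED_PR_TRIGGERS
  return findings if privileged.empty?

  (wf['jobs'] || {}).each do |job_name, job|
    (job['steps'] || []).each_with_index do |step, idx|
      label = "job '#{job_name}' step #{idx + 1}"
      if checks_out_pr_head?(step)
        findings << "#{label}: checks out the PR head under #{privileged.join(',')}; fork code runs with secrets"
      end
      if mentions_secret?(step)
        findings << "#{label}: references a secret in a workflow a fork PR can trigger"
      end
    end
  end
  findings
end

# Constructed sample: the classic "pwn request" shape.
UNSAFE_WORKFLOW = <<~YAML
  name: ci
  on:
    pull_request_target:
      types: [opened, synchronize]
  jobs:
    build:
      runs-on: ubuntu-latest
      steps:
        - uses: actions/checkout@v4
          with:
            ref: ${{ github.event.pull_request.head.sha }}
        - run: npm ci && npm test
          env:
            NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
YAML

# Constructed sample: plain pull_request, no secrets, nothing to flag.
SAFE_WORKFLOW = <<~YAML
  name: ci
  on: pull_request
  jobs:
    build:
      runs-on: ubuntu-latest
      steps:
        - uses: actions/checkout@v4
        - run: npm ci && npm test
YAML

if __FILE__ == $0
  [UNSAFE_WORKFLOW, SAFE_WORKFLOW].each do |doc|
    puts(audit_workflow(doc).empty? ? 'ok' : audit_workflow(doc).join("\n"))
  end
end
```

Wired into the same CODEOWNERS-gated path as the first guardrail (run against every file under `.github/workflows/` on each PR), this turns the header comment into something a reviewer can see fail rather than a reminder they have to remember.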
