You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: user/pull-requests.md
+2-2Lines changed: 2 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -29,10 +29,10 @@ To only build pull requests targeting specific branches you can use [the `branch
29
29
30
30
The most important restriction for pull requests is about secure environment variables and encrypted data.
31
31
32
-
A pull request sent from a fork of the upstream repository could be manipulated to expose environment variables.
32
+
A pull request sent from a fork of the upstream repository (we call it an "external pull request") could be manipulated to expose environment variables.
33
33
The upstream repository's maintainer would have no protection against this attack, as pull requests can be sent by anyone who forks the repository on GitHub.
34
34
35
-
Travis CI makes encrypted variables and data available only to pull requests coming from the same repository. These are considered trustworthy, as only members with write access to the repository can send them.
35
+
Travis CI makes encrypted variables and data available only to pull requests coming from the same repository ("internal pull requests"). These are considered trustworthy, as only members with write access to the repository can send them.
36
36
37
37
Pull requests sent from forked repositories do not have access to encrypted variables or data even if these are defined in the fork source project.
0 commit comments