Version updated for https://github.com/nilsreichardt/verify-safe-to-test-label to version v2.0.0. This action is used across all versions by 2 repositories. Action Type This is a Node action using Node version 24. Go to the GitHub Marketplace to find the latest changes. Action Summary The verify-safe-to-test-label GitHub Action ensures that a Pull Request has been manually reviewed and assigned a specific label (e.g., safe to test) before executing sensitive workflows, particularly when using pull_request_target. This action mitigates security risks, such as secret exfiltration, by acting as a gatekeeper to prevent malicious code execution from untrusted forks.

Version updated for https://github.com/nilsreichardt/verify-safe-to-test-label to version v1.0.6. This action is used across all versions by 2 repositories. Action Type This is a Node action using Node version 24. Go to the GitHub Marketplace to find the latest changes. Action Summary The verify-safe-to-test-label GitHub Action ensures that sensitive CI/CD steps involving repository secrets only run if a designated safe to test label is applied to a pull request. It addresses security vulnerabilities associated with the pull_request_target trigger, which can expose secrets to untrusted forked PRs, by acting as a manual gatekeeper to prevent unauthorized access.

Version updated for https://github.com/nilsreichardt/verify-safe-to-test-label to version v1.0.5. This action is used across all versions by 2 repositories. Action Type This is a Node action using Node version 24. Go to the GitHub Marketplace to find the latest changes. Action Summary The verify-safe-to-test-label GitHub Action ensures that a Pull Request (PR) has been manually reviewed and labeled as “safe to test” before running sensitive workflow steps, such as those involving secrets or elevated permissions.