The tool requires access to significant sensitive resources: your GitHub token and Docker (which essentially means it's root). It would be awesome if we could (also) run it in GitHub Actions to check new/updated actions and provide a 'green checkbox' that reviewers can rely on.
Originally posted by @dave2wave in #561 (comment)
The tool requires access to significant sensitive resources: your GitHub token and Docker (which essentially means it's root). It would be awesome if we could (also) run it in GitHub Actions to check new/updated actions and provide a 'green checkbox' that reviewers can rely on.
Originally posted by @dave2wave in #561 (comment)