-
Notifications
You must be signed in to change notification settings - Fork 201
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Security issue #30
Comments
This issue concerns the credential store used on the GitHub Runner and not this action itself. Also as you can see on your own fork, credentials are removed when the job is finished. |
@crazy-max, see actions/starter-workflows#96 (and the ref to docker/cli#2089). Ideally developers/maintainers of Docker and GitHub Actions would communicate with each other for achieving a satisfactory solution. |
Maybe GitHub could simply install the |
I've asked for this before. I'll push for it again. |
This comment has been minimized.
This comment has been minimized.
In the short term can we only filter out the login message? |
@eine @clarkbw actions/runner-images#2304 has been merged. Will be available ~January (actions/runner-images#2302 (comment)). |
Coming from docker/build-push-action#53
Refs:
Behaviour
Steps to reproduce this issue
Expected behaviour
Login is secure or security warnings are not hidden.
Actual behaviour
Login is reported not to be secure, but warnings are hidden.
The text was updated successfully, but these errors were encountered: