Lineflyer

> BTW: Is there a manual page which shows differences between being PM vs. BM, seen from c:geo's perspective? There is a page, not sure if it might be outdated:...

Ok, the TB activity is really a problem. When logging offline we can not load the current TBs at all. So with the current implementation there is no way to...

My opinion on this: 1. We should not include an explicit batch log-content function 2. We should support batch-log submit for offline logs as a normal function (under Menu ->...

AFAICS the secrets are already stored in our repo key/secrests storage. If this problem only comes up for builds on forks (looks a bit like that) we should disable this...

mmh...thats indeed a pretty normal case. I would have thought, that it uses the secret of the target repo rather than requiring the secrets to be located in the source/fork...

I am not sure if skipping part of tests is meaningful. The remaining problem is, that secrets are not shared, which will prevent a full test of PRs from forked...

> On PR https://github.com/cgeo/cgeo/pull/15625 was afraid you'll activate pull_request_target blindly. As long as each PR is reviewed before the WF can run, we should be safe. That part (label trigger)...

Regarding: > configure secrets for workflows from dependabot (if necessary) Further reading: https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions#accessing-secrets

> If you accept the security risk you can redefine them all in the dependabot secret section That brings me to the point, that I do not have any of...

> clarify, if workflow(s) should not run from cloned repositories - and if yes, configure it IMHO they should not run in cloned repositories. For PR and pushes: We want...