Chris Patterson

If you are going to use container based actions I would recommend you use a job container as well. Mixing container and host environments does not work very well. The...

@MalloZup I don't believe this makes sense as a runner feature but rather something that is enforced on the GitHub.com side. There are scenarios where customers want this type of...

@MalloZup Given the architecture of Actions the runner is not the best place to implement this feature. The runner is a relatively small part of the overall Action system and...

We don’t have a great place to track enhancements to the orchestration side of things as that is not open source. We hope to have a public roadmap soon but...

@Penagwin that is a different issue and it is something we are working on enabling. There will be some additional settings in your org and repos that you will be...

These features can't be implemented in the runner in an efficient and secure way. We need to check these sorts of permissions before we allocate a VM. Also the runner...

@timharris777 limiting of editing the workflow file will not help with security. If you are running any code as part of your build and someone can change that code they...

@josephshanahan-cfa the scope of a secret is a job not a step meaning that the secret is active in the memory of the runner for the scope of the job...

I am saying that any code you run during your CI could potentially dump all of the secrets that are referenced in the execution scope which is a job. If...

@josephshanahan-cfa I am not sure what you mean. Are you asking for an example of how you would dump process memory and then read the strings out of it? Here...