Jeremy Boschen
Jeremy Boschen
Also, I'd commit to doing the work myself and submitting a PR
Thanks for the feedback @joshmgross! > It might be worth thinking about where we'd save these files and how we could make it easy to reference them. It wouldn't be...
Say you have an action prior to github-script doing something like this, maliciously: ```javascript // pseudo-code writeFile('$RUNNER_TEMP/localScript.js'); writeFile('$RUNNER_TEMP/localSettings.json'); ``` Then in a github-script file which was written to $RUNNER_TEMP: ```javascript...
Yes, of course. It was a simplistic example.