You can configure PRs to only build for trusted users or require approval from a trusted user to build the job. Take a look at the build strategies when you're setting up your SCM info for the job or pipeline.
On Tue, 4 Aug 2020 at 04:03, Vladimir Sitnikov <sitnikov.vladi...@gmail.com> wrote: > > Are the new ci-... machines/workers isolated/hermetic? > What if malicious code is submitted as a GitHub pull request? > > Vladimir -- Matt Sicker <boa...@gmail.com>
