"badly executed" occurs when we believe there is a *security* issue.

Using an action defined by a third party, which might modify Apache
repositories in unknown ways ... not something we want.

Or when a PMC determines that a third-party Action is safe, in April, but
then it gets compromised in August ... not something we want.

Constraining all Actions to the apache/ repositories will ensure that
appropriate review is possible.

Regards,
Greg Stein
InfraAdmin, ASF


On Sun, Dec 27, 2020 at 6:43 AM Jarek Potiuk <ja...@potiuk.com> wrote:

> Ok. It works after logging in. I will make another comment shortly after
> subscribing to the list but I think this was very badly executed.
>
> J.
>
>
>
> On Sun, Dec 27, 2020 at 1:38 PM Jarek Potiuk <ja...@potiuk.com> wrote:
>
> > the link does not work
> >
> > On Sun, Dec 27, 2020 at 1:34 PM Roy Lenferink <rlenfer...@apache.org>
> > wrote:
> >
> >> This is related to the thread Daniel just posted on the users@infra
> >> list:
> >>
> >> https://lists.apache.org/thread.html/r900f8f9a874006ed8121bdc901a0d1acccbb340882c1f94dad61a5e9%40%3Cusers.infra.apache.org%3E
> >>
> >> On Sun, 27 Dec 2020 at 13:26, Andreas Veithen <
> >> andreas.veit...@gmail.com> wrote:
> >>
> >> > Same for https://github.com/apache/axis-axis2-java-core (with no
> >> > configuration changes on our side).
> >> >
> >> > Andreas
> >> >
> >> > On Sun, Dec 27, 2020 at 12:25 PM Jarek Potiuk <pot...@apache.org>
> >> > wrote:
> >> >
> >> > > Is there a change in the policy of Apache Airflow to only allow
> >> > > actions hosted in-organization? Or is it a mistake in configuration?
> >> > >
> >> > > We've just started @Apache Airflow to experience errors of this kind
> >> > > out of a sudden (literally within the last hour).
> >> > >
> >> > > potiuk/get-workflow-origin@588cc14f9f1cdf1b8be3db816855e96422204fec,
> >> > > louisbrunner/checks-action@9f02872da71b6f558c6a6f190f925dde5e4d8798,
> >> > > actions/checkout@v2, actions/checkout@v2, actions/checkout@v2,
> >> > > tobked/label-when-approved-action@4c5190fec5661e98d83f50bbd4ef9ebb48bd1194,
> >> > > louisbrunner/checks-action@9f02872da71b6f558c6a6f190f925dde5e4d8798,
> >> > > tobked/label-when-approved-action@4c5190fec5661e98d83f50bbd4ef9ebb48bd1194,
> >> > > tobked/label-when-approved-action@4c5190fec5661e98d83f50bbd4ef9ebb48bd1194,
> >> > > and louisbrunner/checks-action@9f02872da71b6f558c6a6f190f925dde5e4d8798
> >> > > are not allowed to be used in apache/airflow. Actions in this workflow
> >> > > must be: within a repository owned by apache.
> >> > >
> >> > >
> >> > > J,
> >> > >
> >> >
> >>
> >
> >
> > --
> > +48 660 796 129
> >
>
>
> --
> +48 660 796 129
>

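An added example, not part of the thread or of any ASF tooling: a small audit that a project could run over its workflow files to see which `uses:` references fall outside the "within a repository owned by apache" rule quoted above, and which of those are pinned to a full commit SHA versus a movable tag or branch. The sample workflow is constructed, and `apache/example-action` is a hypothetical repository name.

```python
import re

# "uses: owner/repo[/path]@ref"; local "./path" and "docker://" references do not match.
USES_RE = re.compile(
    r"^\s*-?\s*uses:\s*['\"]?([\w.-]+)/([\w.-]+)(?:/[^@\s'\"]*)?@([^\s'\"#]+)"
)
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")  # a full commit SHA cannot be re-pointed


def audit_workflow(text, allowed_owner="apache"):
    """Return (line number, reference, verdict) for every remote action used."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m:
            continue
        owner, repo, ref = m.groups()
        if owner.lower() == allowed_owner:
            verdict = "allowed"          # inside the organization
        elif FULL_SHA_RE.match(ref):
            verdict = "blocked-pinned"   # third party, fixed to one commit
        else:
            verdict = "blocked-mutable"  # third party, tag or branch can move
        findings.append((lineno, f"{owner}/{repo}@{ref}", verdict))
    return findings


# Constructed sample; the first two references are taken from the error message above.
SAMPLE_WORKFLOW = """\
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: potiuk/get-workflow-origin@588cc14f9f1cdf1b8be3db816855e96422204fec
      - name: local helper
        uses: ./.github/actions/helper
      - uses: apache/example-action@main
"""

if __name__ == "__main__":
    for lineno, ref, verdict in audit_workflow(SAMPLE_WORKFLOW):
        print(f"line {lineno}: {ref}: {verdict}")
```
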