test: live artifact trust-boundary probe (nonce only)#2625
test: live artifact trust-boundary probe (nonce only)#2625Kuhai9801 wants to merge 2 commits intofacebook:mainfrom
Conversation
|
Hi @Kuhai9801! Thank you for your pull request and welcome to our community. Action RequiredIn order to merge any pull request (code, docs, etc.), we require contributors to sign our Contributor License Agreement, and we don't seem to have one on file for you. ProcessIn order for us to review and merge your suggested changes, please sign at https://code.facebook.com/cla. If you are contributing on behalf of someone else (eg your employer), the individual CLA may not be sufficient and your employer may need to sign the corporate CLA. Once the CLA is signed, our tooling will perform checks and validations. Afterwards, the pull request will be tagged with If you have received this in error or have any questions, please contact us at [email protected]. Thanks! |
Security validation PR for workflow_run artifact trust-boundary testing.\n\n- Adds a nonce-only probe in workflow-triggered code path.\n- Intended to create one marker artifact mypy_primer_diffs-attacker-live-* if runtime artifact env is exposed to untrusted PR execution.\n- No external exfiltration payload; marker-only behavior.\n\nWill close after collecting run evidence.