You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Following on from #1, our current attempted preview mechanism doesn't work.
For context:
PRs (logically, in hindsight) normally cannot access secrets, so we need to put some more thought into how we want to generate previews in a safe manner.
Generating and uploading an Artifact seems like a viable first step, but because that doesn't host the docs it's a bit cumbersome. Following the github security resources that's the first step for limiting untrusted access anyway, and then we likely want to upload to a separate AWS bucket, potentially with extra restrictions on what kind of actions the files can perform (e.g. we may wish to restrict javascript to prevent malicious code execution for testers).
The text was updated successfully, but these errors were encountered:
Following on from #1, our current attempted preview mechanism doesn't work.
For context:
The text was updated successfully, but these errors were encountered: