robin/attic-action
1
0
Fork 0
mirror of https://codeberg.org/icewind/attic-action.git synced 2026-06-03 17:44:07 +02:00
Code Issues Projects Releases Packages Wiki Activity

Update README.md

Browse source 
Co-Authored-By: Joachim Breitner <mail@joachim-breitner.de>
This commit is contained in:
Domen Kožar 2020-04-24 13:57:05 +02:00 committed by GitHub
commit bfb80e965d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -64,7 +64,7 @@ Cachix auth token and signing key need special care as they give read and write
> Anyone with write access to a repository can create, read, and use secrets. > Anyone with write access to a repository can create, read, and use secrets.
Which means all developers with push access can read your secrets and write to your cache. Which means all developers with push access can read your secrets and write to your cache. Furthermore, malicious code submitted via a pull request can, once merged into `master`, reveal the tokens.
## Hacking ## Hacking