GitHub Actions flaw that allowed code to be approved without review is addressed with new feature rollout


Tighter controls have been implemented to address a flaw in GitHub Actions that allowed code review safeguards to be bypassed.

Omer Gil and colleagues from the security startup Cider Security discovered that the code review bypass risk existed even in organisations that did not use the recently introduced GitHub Actions feature.

Read More…