Re-enable safe checkout action#1497
Conversation
|
The KerasV3 pytest failure seems unrelated to this PR, so rerunning the test. Please look at my change to see if it seems the right way to do it, and I would suggest we try to merge today since this is holding up testing other PRs. |
There was a problem hiding this comment.
Pull request overview
This PR updates the fork-PR “update branch” workflow to explicitly re-enable actions/checkout@v7’s ability to check out a fork PR’s head SHA in a pull_request_target-triggered workflow, gated by a maintainer-applied label.
Changes:
- Re-enables unsafe PR head checkout in
pull_request_targetcontext by settingallow-unsafe-pr-checkout: true. - Keeps the existing label + fork-only guard and continues pushing the PR head SHA to an internal
pr/<number>branch.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
The qkeras pytest failure on accessing nonexistent envvar do seem to be irrelevant, but somehow not failing on the master. Test env regression outside repo? |
|
The qkeras pytest error is due to the qkeras3 not fixed versionwise. A new version caused the error. The issue is fixed in #1499 and unrelated to this PR, so I would recommend merging this. |
Description
Checkout v7 made the default behavior safer for pull_request_target events in the CI. We verified that the action is safe, so we are re-enabling the behavior. Please check our assessment.
Type of change
Tests
The CI should work after merging.
Checklist
pre-commiton the files I edited or added.