mirror of
https://github.com/openclaw/openclaw.git
synced 2026-06-05 01:52:54 +00:00
462b52f62c
Guard the remaining Windows Testbox workflow ref logging against GitHub Actions template injection by moving `target_ref` through step env before PowerShell reads it. Extend the local workflow check wrapper to run pinned `zizmor` across every workflow file, and keep Workflow Sanity's CI audit explicit with trusted-base pre-commit and zizmor configs for pull-request runs. Thanks @WT-WSL for the original report and patch. Co-authored-by: dev111-actor <captaintobb@outlook.com>
2.3 KiB
2.3 KiB