| ▲ | orlp 5 hours ago | |
No it doesn't have security implications. If you are insecure because someone has had one of their otherwise completely innocent PRs merged into your repo... you are insecure, period. | ||
| ▲ | lgrapenthin 5 hours ago | parent | next [-] | |
What you are describing is exactly a security implication. | ||
| ▲ | stavros 5 hours ago | parent | prev [-] | |
Security isn't a binary "secure/insecure". You can be more or less secure than something. | ||