I recently ran into a situation where a merge commit (which admittedly are undesirable in git/git and gitgitgadget/git Pull Requests, but are sometimes totally appropriate in the context of other forks such as git-for-windows/git) misled the logic in the check-whitespace workflow to look at upstream commits (and missing some patches that it should have looked at). At the same time, I also realized that the feature where this workflow adds a PR comment in an attempt to be more helpful requires a read/write token (which weakens the overall security, I'd much rather stay with the read-only token configured e.g. in gitgitgadget/git and in git-for-windows/git). This patch series addresses both issues. Johannes Schindelin (2): ci(check-whitespace): stop requiring a read/write token ci(check-whitespace): restrict to the intended commits .github/workflows/check-whitespace.yml | 26 ++------------------------ 1 file changed, 2 insertions(+), 24 deletions(-) base-commit: ebf3c04b262aa27fbb97f8a0156c2347fecafafb Published-As: https://github.com/gitgitgadget/git/releases/tag/pr-995%2Fdscho%2Ffix-check-whitespace-v1 Fetch-It-Via: git fetch https://github.com/gitgitgadget/git pr-995/dscho/fix-check-whitespace-v1 Pull-Request: https://github.com/gitgitgadget/git/pull/995 -- gitgitgadget
