Bot-created pull requests can run workflows if approved
Pull requests created by github-actions[bot] can now run CI/CD workflows when approved by a user, adding a security layer to prevent automated code from executing without explicit authorization.
Pull requests created by the github-actions[bot] are now able to run your CI/CD workflows with user approval. Requiring approval is a security measure to ensure generated code does not automatically run workflows which may have access to sensitive information. This matches the behavior of Copilot-generated pull requests.
Previously, pull requests generated by github-actions[bot] were not able to run CI/CD workflows, allowing pull requests to be accidentally merged without having gone through CI. This change allows all pull requests, even bot-generated changes, to run configured CI/CD workflows if approved by a user with write access to the repository.
The post Bot-created pull requests can run workflows if approved appeared first on The GitHub Blog.
Source: original entry ↗