GitHub Actions has an environment variable flag called
ACTIONS_ALLOW_UNSECURE_COMMANDS that allows GHA workflows to run deprecated commands
add-path. These are vulnerable commands that should not be used as they expose accounts to potential credential theft or code injection.
... env: - ACTIONS_ALLOW_UNSECURE_COMMANDS: 'true' ...
Updated 25 days ago