You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardexpand all lines: docs/deployment-confirmation.md
+1
Original file line number
Diff line number
Diff line change
@@ -7,6 +7,7 @@ For projects that require the highest level of deployment safety/security, the b
7
7
This can be considered a "final safety check" before a deployment can continue.
8
8
9
9
By using this feature, it is also an extremely effective way to prevent accidental or malicious commits from being deployed without first having one last safety review. This is important for hardening against Actions related [TOCTOU](https://github.com/AdnaneKhan/ActionsTOCTOU) vulnerabilities.
10
+
10
11
## How it works
11
12
12
13
When a user invokes a deployment via the `.deploy` (or `.noop`) command, the branch-deploy Action will pause _just_ before the final call to start a deployment by this Action. The Action will then create a new comment on the pull request that invoked the deployment, asking the user to confirm (or reject) the deployment.
0 commit comments