eblume/blumeops
1
1
Fork 0
Code Issues Pull requests Projects Releases 83 Packages Wiki Activity Actions
blumeops/docs
History
Erich Blume e1429fc3e7 Document Spork Attack supply-chain risk 
Upstream can push workflows (in .github/ or .forgejo/) that execute
on our runners via any trigger mechanism including cron. Runner label
mismatch is the current defense but is fragile. No complete fix exists
short of disabling Actions entirely.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-29 08:16:09 -07:00
..
changelog.d Add spork strategy: tooling and documentation 2026-03-28 22:58:10 -07:00
explanation Document Spork Attack supply-chain risk 2026-03-29 08:16:09 -07:00
how-to Add spork strategy: tooling and documentation 2026-03-28 22:58:10 -07:00
reference Simplify Kingfisher CronJob to HTML-only output 2026-03-28 21:50:54 -07:00
tutorials Review tailscale-setup tutorial: fix inaccuracies 2026-03-26 07:44:36 -07:00
index.md Fix spider trap: disable SPA mode, remove index files, relax wiki-links (#290) 2026-03-09 11:59:43 -07:00
quartz.config.ts Fix spider trap: disable SPA mode, remove index files, relax wiki-links (#290) 2026-03-09 11:59:43 -07:00
quartz.layout.ts Expose Forgejo publicly at forge.eblu.me (#278) 2026-03-03 08:40:41 -08:00