mirror of
https://github.com/gradle/wrapper-validation-action
synced 2024-11-27 10:42:03 +00:00
Fix typo
This commit is contained in:
parent
6651bb31dd
commit
c95c3c3f46
2 changed files with 3 additions and 4 deletions
3
.gitignore
vendored
3
.gitignore
vendored
|
@ -98,6 +98,5 @@ Thumbs.db
|
||||||
__tests__/runner/*
|
__tests__/runner/*
|
||||||
lib/**/*
|
lib/**/*
|
||||||
|
|
||||||
.idea
|
.idea/
|
||||||
*.iml
|
*.iml
|
||||||
|
|
||||||
|
|
|
@ -15,7 +15,7 @@ Searching across GitHub you can find many pull requests (PRs) with helpful title
|
||||||
Many of these PRs are contributed by individuals outside of the organization maintaining the project.
|
Many of these PRs are contributed by individuals outside of the organization maintaining the project.
|
||||||
|
|
||||||
Many maintainers are incredibly grateful for these kinds of contributions as it takes an item off of their backlog.
|
Many maintainers are incredibly grateful for these kinds of contributions as it takes an item off of their backlog.
|
||||||
We assume that most maintainers do not consider the security implications of accepting the Gradle Wrapper binary from an external contributors.
|
We assume that most maintainers do not consider the security implications of accepting the Gradle Wrapper binary from external contributors.
|
||||||
There is a certain amount of blind trust open source maintainers have.
|
There is a certain amount of blind trust open source maintainers have.
|
||||||
Further compounding the issue is that maintainers are most often greeted in these PRs with a diff to the `gradle-wrapper.jar` that looks like this.
|
Further compounding the issue is that maintainers are most often greeted in these PRs with a diff to the `gradle-wrapper.jar` that looks like this.
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue