gradle/wrapper-validation-action
1
0
Fork 0
mirror of https://github.com/gradle/wrapper-validation-action synced 2024-11-23 17:22:01 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix typo

Browse source
This commit is contained in:
Frieder Bluemle 2020-01-22 16:44:11 -08:00
parent 6651bb31dd
commit c95c3c3f46
No known key found for this signature in database
GPG key ID: EEAAFC3A01B5FFC6
2 changed files with 3 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
.gitignore vendored
View file

@ -98,6 +98,5 @@ Thumbs.db
__tests__/runner/*
lib/**/*
.idea
.idea/
*.iml

2
README.md
View file

@ -15,7 +15,7 @@ Searching across GitHub you can find many pull requests (PRs) with helpful title
Many of these PRs are contributed by individuals outside of the organization maintaining the project.
Many maintainers are incredibly grateful for these kinds of contributions as it takes an item off of their backlog.
We assume that most maintainers do not consider the security implications of accepting the Gradle Wrapper binary from an external contributors.
We assume that most maintainers do not consider the security implications of accepting the Gradle Wrapper binary from external contributors.
There is a certain amount of blind trust open source maintainers have.
Further compounding the issue is that maintainers are most often greeted in these PRs with a diff to the `gradle-wrapper.jar` that looks like this.