gradle/wrapper-validation-action
1
0
Fork 0
mirror of https://github.com/gradle/wrapper-validation-action synced 2024-11-23 17:22:01 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #11 from friederbluemle/update-project

Browse source 
Fix typo
This commit is contained in:
Jonathan Leitschuh 2020-01-22 21:25:19 -05:00 committed by GitHub
commit e7f83badee
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
.gitignore vendored
View file

@ -98,6 +98,5 @@ Thumbs.db
__tests__/runner/* __tests__/runner/*
lib/**/* lib/**/*
.idea .idea/
*.iml *.iml

2
README.md
View file

@ -15,7 +15,7 @@ Searching across GitHub you can find many pull requests (PRs) with helpful title
Many of these PRs are contributed by individuals outside of the organization maintaining the project. Many of these PRs are contributed by individuals outside of the organization maintaining the project.
Many maintainers are incredibly grateful for these kinds of contributions as it takes an item off of their backlog. Many maintainers are incredibly grateful for these kinds of contributions as it takes an item off of their backlog.
We assume that most maintainers do not consider the security implications of accepting the Gradle Wrapper binary from an external contributors. We assume that most maintainers do not consider the security implications of accepting the Gradle Wrapper binary from external contributors.
There is a certain amount of blind trust open source maintainers have. There is a certain amount of blind trust open source maintainers have.
Further compounding the issue is that maintainers are most often greeted in these PRs with a diff to the `gradle-wrapper.jar` that looks like this. Further compounding the issue is that maintainers are most often greeted in these PRs with a diff to the `gradle-wrapper.jar` that looks like this.