summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.github/workflows/bootstrap.yml8
1 files changed, 7 insertions, 1 deletions
diff --git a/.github/workflows/bootstrap.yml b/.github/workflows/bootstrap.yml
index 493295b624..bcea53c7c7 100644
--- a/.github/workflows/bootstrap.yml
+++ b/.github/workflows/bootstrap.yml
@@ -29,7 +29,13 @@ jobs:
bzip2 curl file gcc-c++ gcc gcc-gfortran git gnupg2 gzip \
make patch unzip which xz python3 python3-devel tree \
cmake bison bison-devel libstdc++-static
- - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # @v2
+ - name: Work around CVE-2022-24765
+ run: |
+ # See:
+ # - https://github.blog/2022-04-12-git-security-vulnerability-announced/
+ # - https://github.com/actions/checkout/issues/760
+ git config --global --add safe.directory /__w/spack/spack
+ - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # @v2
- name: Setup repo and non-root user
run: |
git --version