Skip to content

Commit f20430c

Browse files
d-niud-niu
authored
ci: remove obsolete ref_protected from STS trust policies (#7676)
The `ref_protected` OIDC claim is now universally `true` in the DataDog org due to the org-level "incompatible file paths on windows" push ruleset, making it useless as a security discriminator. Ticket: https://datadoghq.atlassian.net/browse/SINT-4732
1 parent dfe3a02 commit f20430c

File tree

1 file changed

+0
-1
lines changed

1 file changed

+0
-1
lines changed

.github/chainguard/release-proposal.sts.yaml

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,6 @@ subject: repo:DataDog/dd-trace-js:ref:refs/heads/master
55
claim_pattern:
66
event_name: (workflow_dispatch|schedule)
77
ref: refs/heads/master
8-
ref_protected: "true"
98
job_workflow_ref: DataDog/dd-trace-js/.github/workflows/release-proposal.yml@refs/heads/master
109

1110
permissions:

0 commit comments

Comments
 (0)