From f3f6ddc8aeffde73be7f6195669d747f1e23da6b Mon Sep 17 00:00:00 2001
From: Raymond Wang <me@waymondrang.com>
Date: Sat, 22 Oct 2022 12:47:16 -0700
Subject: [PATCH] update main.yml

fix potential workflow vulnerability
---
 .github/workflows/main.yml | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 74d20fb..d4dce73 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -5,9 +5,11 @@ name: Deploy Site
 # Controls when the workflow will run
 on:
   push:
-    branches: [ main ]
-  pull_request:
-    branches: [ main ]
+    branches: [main]
+  # The below rule invokes when ANY pull request is made to main
+  # This is DANGEROUS and can allow for malicious behavior
+  # pull_request:
+  #   branches: [main]
 
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch: