Description of the feature request
I’d like to only build PRs from branches in the owning repo (not from forks). Forks represent a security risk.
Use case / for what or how I would use it
I’d use this to build open source projects without worrying PRs will expose secrets. Microsoft explains in more detail on the VSTS pipeline page.
Hi @bootstraponline,
On bitrise.io you can set whether a secret is available in a PR build or not. That should mitigate the issue described, by simply not exposing the secrets to PR builds at all.
I want to not build at all, there are many secrets that aren’t defined as “secrets” The microsoft link goes into more details about the threat model.