LabelCommitContents returns the IFC label for committed repository content reachable from the default branch and its history: commits, commit diffs, and the repository file tree. It shares the reasoning of LabelGetFileContents. In public repositories any outsider can land content via a pull request
(isPrivate bool)
| 214 | // so committed content is trusted. Confidentiality follows repository |
| 215 | // visibility. |
| 216 | func LabelCommitContents(isPrivate bool) SecurityLabel { |
| 217 | if isPrivate { |
| 218 | return PrivateTrusted() |
| 219 | } |
| 220 | return PublicUntrusted() |
| 221 | } |
| 222 | |
| 223 | // LabelActionsResult returns the IFC label for GitHub Actions resources: |
| 224 | // workflow definitions, runs, jobs, artifacts, and job logs. |