I think the top one might be the culprit. But it might be the guy’s account was hacked?
On his repo he has a fork of WSL and the repo is called “free-palestine”, he tried to merge the branch “freedom”. So that PR seems likely to be linked to this. Other than this, activity seems normal for a terminal githubber with 444 repos…
If you watch the PRs history, you can see that the user github-actions edited them. This user is the default one when a GitHub Action (the pipeline OP refers to) alters the repo. So someone probably submitted a pull request abusing the GitHub token when the Action ran on their PR.
Hacked pipeline? These are just pull requests anyone can submit them.
They are authentic commits and PRs by real contributors that have been edited and renamed with the PR description changed.
Oh that is mildly interesting, my mistake. So the actual commits didn’t change but the pull requests are made to look like they are something else.
I think the top one might be the culprit. But it might be the guy’s account was hacked?
On his repo he has a fork of WSL and the repo is called “free-palestine”, he tried to merge the branch “freedom”. So that PR seems likely to be linked to this. Other than this, activity seems normal for a terminal githubber with 444 repos…
If you watch the PRs history, you can see that the user
github-actionsedited them. This user is the default one when a GitHub Action (the pipeline OP refers to) alters the repo. So someone probably submitted a pull request abusing the GitHub token when the Action ran on their PR.