Actions environments now makes it more secure to review and control deployments using manual approvals.
Previously, any user could trigger a workflow and also manually approve/reject a deployment job targeting a protected environment, if they are a required reviewer.
We are now introducing an option for environment admins to prevent required reviewers from self-reviews to secure deployments targeting their critical environments.
This would enforce that a different reviewer could approve and sign off the deployments, rather than the same user who triggered the run – making the deployments more secure.
Learn more about securing environments using deployment protection rules.
For questions, visit the GitHub Actions community.
To see what's next for Actions, visit our public roadmap.