From 185c53abb48e89f1a753ba40614a32ce409db385 Mon Sep 17 00:00:00 2001
From: Anatoly <bmth@me.com>
Date: Sun, 13 Oct 2024 21:55:48 +0300
Subject: [PATCH] Isolate unsafe code in build.yml

---
 .github/workflows/build.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 132b0fe915..047dba0a6e 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -45,6 +45,9 @@ jobs:
   # Build will compile APK, test APK and run tests, lint, etc.
   build:
     runs-on: ubuntu-22.04-8core
+    container:
+      image: ubuntu:22.04
+      options: --security-opt=no-new-privileges
     timeout-minutes: 60
     permissions:
       actions: read