From 1ee5e1894bf3c04ba8a13f3aa8947c5943e7982b Mon Sep 17 00:00:00 2001
From: Bill Napier
Date: Tue, 25 Mar 2025 18:43:18 +0000
Subject: [PATCH] add link to docs
---
.../actions/pull_request_target_needs_exception.yaml | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/semgrep-rules/actions/pull_request_target_needs_exception.yaml b/semgrep-rules/actions/pull_request_target_needs_exception.yaml
index ce2709a..2ab1a9e 100644
--- a/semgrep-rules/actions/pull_request_target_needs_exception.yaml
+++ b/semgrep-rules/actions/pull_request_target_needs_exception.yaml
@@ -3,13 +3,15 @@ rules:
 languages:
 - yaml
 severity: ERROR
- message: pull_request_target is considered very risky and should only be used when strictly needed. Please prefer other triggers when possible. If you think this is needed, you can dismiss this alert and merge your PR.
+ message: 'pull_request_target is considered very risky and should only be used when strictly needed. Please
+ prefer other triggers when possible. If you think this is needed, you can dismiss this alert and
+ merge your PR. More information: https://google.github.io/github-team/semgrep-rules/pull-request-target-needs-exception.html'
 metadata:
 category: best-practice
 technology:
- - github-actions
+ - github-actions
 patterns:
 - pattern-either:
 - patterns:
 - pattern-inside: "{on: ...}"
- - pattern: pull_request_target
\ No newline at end of file
+ - pattern: pull_request_target
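Review bot: The new `message` text still tells the author they can dismiss the alert and merge, but gives no criterion for when keeping `pull_request_target` is acceptable, so the judgement rests entirely on the linked page being read. Because this trigger runs in the base repository's context with access to its secrets, I would add one sentence before the link, for example `Never check out, build or run code from the pull request head in a pull_request_target workflow.` As a style point, the three-line single-quoted scalar depends on flow-scalar line folding and will break if an apostrophe is ever added to the text; a `message: >-` folded block yields the same single-line string and needs no quoting for the `: ` in "More information: https". The rule's `id` and anything above `languages` lie outside the hunk, so whether the documentation URL is also recorded in the rule's `metadata` cannot be checked from here.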