or alternative hire right people that know what they are doing and don’t need a whole lot of junk to work on and deploy. I have been coding 31 years now and don’t have the slighest clue why anyone would ever need a “github action”
There's value in enforcing checks on the server side to avoid people accidentally/maliciously merging code that doesn't pass said checks. Checks can be linters, security scanners, etc.
Because then you protect against a compromised/misbehaving developer workstation. No matter what the individual developer does, the server will prevent a PR being merged if it doesn’t pass the server-enforced checks.
Running builds on a designated server would also protect against malware on a developer’s machine silently embedding itself into the resulting artifact and then deployed to production.
