hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 18:55:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Declare permissions

Browse Source 
Repositories can be configured with Default access (restricted)
https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token

Best practice says that workflows should declare the minimal permissions they require.
Without declaring permissions, paranoid forks fail miserably.
This commit is contained in:
Josh Soref
2024-01-31 03:31:54 -05:00
parent e468f4062f
commit b58c856756
29 changed files with 97 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.github/workflows/csv-coverage-timeseries.yml vendored
View File

@@ -3,6 +3,9 @@ name: Build framework coverage timeseries reports
on:
workflow_dispatch:
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-latest