Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-31 11:05:54 +01:00
Code Issues Packages Projects Releases Wiki Activity

ci: add minimum GitHub token permissions for workflows

Browse Source 
Signed-off-by: Ashish Kurmi <akurmi@stepsecurity.io>
This commit is contained in:
Ashish Kurmi
2022-10-02 14:32:42 -07:00
committed by Julian Lam
parent 177d904812
commit fe0020fb31
2 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.github/workflows/docker.yml vendored
View File

@@ -11,6 +11,9 @@ on:
workflow_dispatch: workflow_dispatch:
# A workflow run is made up of one or more jobs that can run sequentially or in parallel # A workflow run is made up of one or more jobs that can run sequentially or in parallel
permissions:
contents: read
jobs: jobs:
release: release:
runs-on: ubuntu-latest runs-on: ubuntu-latest

8
.github/workflows/test.yaml vendored
View File

@@ -14,8 +14,14 @@ defaults:
run: run:
shell: bash shell: bash
permissions:
contents: read
jobs: jobs:
test: test:
permissions:
checks: write # for coverallsapp/github-action to create new checks
contents: read # for actions/checkout to fetch code
name: Lint and test name: Lint and test
strategy: strategy:
fail-fast: false fail-fast: false
@@ -194,6 +200,8 @@ jobs:
parallel: true parallel: true
finish: finish:
permissions:
checks: write # for coverallsapp/github-action to create new checks
needs: test needs: test
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps: