2 files changed: +52 -0 lines changed
1+ name : Test GitHubToken Excessive Permissions
2+ on :
3+ push :
4+ branches :
5+ - main
6+ jobs :
7+ test-permissions :
8+ runs-on : ubuntu-latest
9+ # Overly broad permissions for GITHUB_TOKEN
10+ permissions :
11+ contents : write
12+ issues : write
13+ pull-requests : write
14+ actions : write
15+ checks : write
16+ deployments : write
17+ statuses : write
18+ packages : write
19+ repository-projects : write
20+ discussions : write
21+ security-events : write # This one, in particular, should raise a flag as it's typically not needed for most workflows
22+ steps :
23+ - name : Checkout code
24+ uses : actions/checkout@v3
25+ - name : Dummy Step
26+ run : echo "This is to test excessive token permissions"
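Review bot: the `permissions` block at lines 10-21 grants `write` on eleven scopes, but the only steps in the job are a checkout and an `echo`, neither of which needs more than `contents: read`. If the breadth is deliberate, as the workflow name and the comment on line 9 suggest, state that in the line 9 comment (what is expected to flag it and why the file exists) and consider a trigger other than `push` to `main`, since as written every push to main starts a job whose token holds all of these write scopes. If it is not deliberate, reduce the block to `contents: read` and add back individual scopes only when a step needs them.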
1+ name : Test GitHubToken Excessive Permissions
2+ on :
3+ push :
4+ branches :
5+ - main
6+ jobs :
7+ test-permissions :
8+ runs-on : ubuntu-latest
9+ # Overly broad permissions for GITHUB_TOKEN
10+ permissions :
11+ contents : write
12+ issues : write
13+ pull-requests : write
14+ actions : write
15+ checks : write
16+ deployments : write
17+ statuses : write
18+ packages : write
19+ repository-projects : write
20+ discussions : write
21+ security-events : write # This one, in particular, should raise a flag as it's typically not needed for most workflows
22+ steps :
23+ - name : Checkout code
24+ uses : actions/checkout@v3
25+ - name : Dummy Step
26+ run : echo "This is to test excessive token permissions"
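Review bot: line 24 references `actions/checkout@v3` by a movable tag in a job whose token carries `contents: write`, `actions: write` and `packages: write`; pin the action to a full commit SHA, and set `persist-credentials: false` on the checkout step so the token is not left in the local git config for later steps. Separately, this file is line-for-line identical to the other file in the commit, including `name : Test GitHubToken Excessive Permissions` on line 1, so if both are loaded as workflows they will be indistinguishable by name in the run list; give this one a distinct `name` or drop the duplicate.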