Skip to content

test(ci): add github token minimal permissions in all workflows #624

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mikehardy merged 1 commit into from
Dec 29, 2025
Merged

test(ci): add github token minimal permissions in all workflows #624

mikehardy merged 1 commit into from
Dec 29, 2025

Conversation

@mikehardy
Copy link
Member

@mikehardy mikehardy commented Dec 28, 2025

david-allison
david-allison approved these changes Dec 28, 2025
View reviewed changes
Copy link
Member

@david-allison david-allison left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure! Can we do a test publish after this goes through

@mikehardy
Copy link
Member Author

mikehardy commented Dec 28, 2025

Definitely +1 on test publish, will merge dependencies prior and set a new internal version
Just checked ankitects/anki releases and there is nothing new there so nothing fancy to include

@mikehardy mikehardy mentioned this pull request Dec 28, 2025
Merged
@david-allison david-allison added this pull request to the merge queue Dec 28, 2025
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Dec 28, 2025
@mikehardy mikehardy force-pushed the github-token-permissions branch from bee19af to cd0eefd Compare December 28, 2025 18:55
@mikehardy mikehardy enabled auto-merge December 28, 2025 18:55
@mikehardy mikehardy added this pull request to the merge queue Dec 28, 2025
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to no response for status checks Dec 28, 2025
@mikehardy
Copy link
Member Author

mikehardy commented Dec 28, 2025

That's annoying, they were running full / expected speed it seems

@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to no response for status checks 8 minutes ago

@mikehardy mikehardy added this pull request to the merge queue Dec 28, 2025
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Dec 28, 2025
@mikehardy mikehardy added this pull request to the merge queue Dec 28, 2025
Merged via the queue into main with commit 29e020f Dec 29, 2025
11 checks passed
@mikehardy mikehardy deleted the github-token-permissions branch December 29, 2025 02:01
@mikehardy
Copy link
Member Author

mikehardy commented Dec 29, 2025

1- successful publish! https://repo1.maven.org/maven2/io/github/david-allison/anki-android-backend/0.1.63-anki25.09.2/
2- security queue cleared, that's the whole org cleared now

image

Okay, there is still apparently some warning here, I'll look into that - it was running green throughout the day 🤔

@mikehardy
Copy link
Member Author

mikehardy commented Dec 29, 2025

Ah, it's generated rust code - going to ignore for now but could use a preen later if someone wanted something unimportant to pick at that had no real world purpose ("tuning github actions codeql scanning to ignore generated code" ? meh)

https://github.com/ankidroid/Anki-Android-Backend/security/code-scanning/tools/CodeQL/status/configurations/actions-FZTWS5DIOVRC653POJVWM3DPO5ZS6Y3PMRSXC3BOPFWWY/2093ca42bf4614785abc8bd8107185ea3f3395dfef51a1f83c7ed582118bb8b2

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@david-allison david-allison david-allison approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mikehardy @david-allison