Skip to content

chore: Add explicit permissions to visual regressions workflow #126

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jperals merged 1 commit into from
Dec 4, 2025
Merged

chore: Add explicit permissions to visual regressions workflow #126

jperals merged 1 commit into from
Dec 4, 2025

Conversation

@jperals
Copy link
Member

@jperals jperals commented Nov 20, 2025
edited
Loading

Potential fix for code scanning alert 4.

To resolve the issue, add a permissions key to explicitly define the minimal required permissions. Since the workflow contains two jobs (test and update), add the permissions block at the root level of the workflow to apply to all jobs if their requirements are similar. Use contents: read as a starting point, and include any additional permissions required by specific steps. For example, the test job requires actions: read for downloading artifacts and actions: write for uploading results.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

@jperals @github-advanced-security
Potential fix for code scanning alert no. 4: Workflow does not contai…
591129c 
…n permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@jperals jperals changed the title Potential fix for code scanning alert no. 4: Workflow does not contain permissions chore: Add explicit permissions to visual regressions workflow Nov 20, 2025
@jperals jperals marked this pull request as ready for review November 20, 2025 13:36
@jperals jperals requested a review from pan-kot as a code owner November 20, 2025 13:36
@jperals jperals added this pull request to the merge queue Dec 4, 2025
Merged via the queue into main with commit 765ecf2 Dec 4, 2025
44 of 46 checks passed
@jperals jperals deleted the alert-autofix-4 branch December 4, 2025 08:57
jsilll pushed a commit to jsilll/chart-components that referenced this pull request Dec 5, 2025
@jperals @github-advanced-security @jsilll
Potential fix for code scanning alert no. 4: Workflow does not contai…
24e2f15 
…n permissions (cloudscape-design#126)

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pan-kot pan-kot pan-kot approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jperals @pan-kot