@jperals jperals commented Jul 25, 2025

Potential fix for https://github.com/cloudscape-design/chart-components/security/code-scanning/3

To fix the problem, add an explicit permissions block to the workflow file. This block should specify the minimal permissions required for each job. For example:

  • For the test job, it likely only requires contents: read since it primarily checks out the repository, installs dependencies, runs tests, and downloads/uploads artifacts.
  • For the update job, it may need contents: write to update snapshots.

The permissions block should be added at the job level to ensure different permissions for test and update jobs. This ensures each job only has access to what it needs.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

…n permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@jperals jperals changed the title from "Potential fix for code scanning alert no. 3: Workflow does not contain permissions" to "fix: Add explicit permissions to visual regression workflow" Jul 25, 2025
@jperals jperals marked this pull request as ready for review August 4, 2025 08:52
@jperals jperals requested a review from pan-kot as a code owner August 4, 2025 08:52
@jperals jperals enabled auto-merge December 3, 2025 09:21
@jperals jperals added this pull request to the merge queue Dec 3, 2025
Merged via the queue into main with commit 796c2aa Dec 3, 2025
43 of 44 checks passed
@jperals jperals deleted the alert-autofix-3 branch December 3, 2025 09:45
jsilll pushed a commit to jsilll/chart-components that referenced this pull request Dec 5, 2025
…n permissions (cloudscape-design#73)

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
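
An added example, not code from this pull request or the repository: a simplified Python check for the condition the description addresses, listing jobs that have neither a job-level `permissions` block nor a workflow-level one and therefore run with the default `GITHUB_TOKEN` permissions. The workflow text is constructed; the job names `test` and `update` come from the description, while the steps and the function name `jobs_without_permissions` are assumptions.

```python
import re

# Constructed sample workflow, not the repository's actual file.
# "test" already has an explicit block; "update" does not.
SAMPLE = """\
name: Visual regression
on: [pull_request]
jobs:
  test:
    runs-on: ubuntu-latest
    permissions:
      contents: read
    steps:
      - uses: actions/checkout@v4
  update:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
"""

def jobs_without_permissions(workflow_text):
    """Return ids of jobs that fall back to the default token permissions.

    Indentation-based scan for block-style YAML indented with spaces;
    a simplification, not a full YAML parser.
    """
    lines = [ln.rstrip() for ln in workflow_text.splitlines()
             if ln.strip() and not ln.lstrip().startswith("#")]
    # A workflow-level block (column 0) applies to every job.
    if any(re.match(r"permissions\s*:", ln) for ln in lines):
        return []
    has_perm = {}
    in_jobs, job, job_indent, key_indent = False, None, None, None
    for ln in lines:
        indent = len(ln) - len(ln.lstrip())
        if indent == 0:
            in_jobs = re.match(r"jobs\s*:", ln) is not None
            continue
        if not in_jobs:
            continue
        if job_indent is None:
            job_indent = indent            # indentation of job ids
        if indent == job_indent:
            job, key_indent = ln.strip().split(":")[0], None
            has_perm[job] = False
        elif job is not None:
            if key_indent is None:
                key_indent = indent        # indentation of the job's own keys
            # Only a direct key of the job counts, not a nested "permissions".
            if indent == key_indent and re.match(r"permissions\s*:", ln.strip()):
                has_perm[job] = True
    return [j for j, ok in has_perm.items() if not ok]
```
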