Skip to content

Commit 174429f

Browse files
trasktrask
committed
Restrict github token permissions
1 parent a54c83c commit 174429f

File tree

3 files changed

+8
-1
lines changed

3 files changed

+8
-1
lines changed

.github/workflows/ci.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,9 @@ on:
66
pull_request:
77
branches: [ main ]
88

9+
permissions:
10+
contents: read
11+
912
jobs:
1013
build:
1114
runs-on: ubuntu-latest

.github/workflows/ossf-scorecard.yml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,8 @@ on:
88
- cron: "39 12 * * 2" # once a week
99
workflow_dispatch:
1010

11-
permissions: read-all
11+
permissions:
12+
contents: read
1213

1314
jobs:
1415
analysis:

.github/workflows/test.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,9 @@ on:
66
pull_request:
77
branches: [ main ]
88

9+
permissions:
10+
contents: read
11+
912
jobs:
1013
test:
1114
timeout-minutes: 60

0 commit comments

Comments
 (0)