Skip to content

Verify no workflows use actions/stale requiring permissions update #28

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

Verify no workflows use actions/stale requiring permissions update #28

wants to merge 1 commit into from

Conversation

Copy link

Copilot AI commented Oct 2, 2025
edited
Loading

Summary

This PR addresses issue #[issue_number] by verifying that no GitHub Actions workflows in this repository use actions/stale, which would require adding actions: write permission.

Investigation

A comprehensive search was conducted across all workflow files in .github/workflows/ to identify any usage of the actions/stale action:

  • dependabot-auto-approve.yml
  • fossa.yml
  • ossf-scorecard.yml
  • php.yml
  • split_monorepo.yaml
  • update-dependabot-config.yml

Findings

No workflows are currently using actions/stale. The repository does contain a .github/stale.yml configuration file, but this is for the Probot stale app, which is a different tool from the GitHub Actions actions/stale action.

Conclusion

Since no workflows use actions/stale, no permission changes are required. The issue requirement is satisfied by confirming the absence of this action in the repository's workflows.

If actions/stale is added to any workflow in the future, the permissions block for that job should include:

permissions:
  actions: write # because actions/stale deletes its old cache before saving new one
  contents: read
  issues: write
  pull-requests: write
Original prompt

This section details on the original issue you should resolve

<issue_title>Add missing actions/stale permission</issue_title>
<issue_description>Check if any workflow jobs are using actions/stale.

If so, make sure that the permissions block for that job contains

actions: write

If any of the other permissions lines have trailing comments, then add a trailing comment for this one too:

actions: write # because actions/stale deletes its old cache before saving new one

Place this new permission in a specific order within the permissions, directly before both:

issues: write
pull-requests: write

(which implicitly means after contents: read)</issue_description>

Comments on the Issue (you are @copilot in this section)

Fixes #27

💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.

Copilot AI changed the title [WIP] Add missing actions/stale permission Verify no workflows use actions/stale requiring permissions update Oct 2, 2025
Copilot AI requested a review from trask October 2, 2025 05:52
Copilot finished work on behalf of trask October 2, 2025 05:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@trask trask Awaiting requested review from trask

Assignees

@trask trask

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add missing actions/stale permission

2 participants

@trask