Set read permissions for workflows in tests and publish
Added `contents: read` and `pull-requests: read` permissions to the `tests` and `publish` GitHub workflows. This enhances security by explicitly defining the required permissions for these jobs.
This commit is contained in:
3
.github/workflows/publish.yml
vendored
3
.github/workflows/publish.yml
vendored
@@ -6,6 +6,9 @@ on:
|
||||
|
||||
jobs:
|
||||
publish:
|
||||
permissions:
|
||||
contents: read
|
||||
pull-requests: read
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
3
.github/workflows/tests.yml
vendored
3
.github/workflows/tests.yml
vendored
@@ -9,6 +9,9 @@ on:
|
||||
|
||||
jobs:
|
||||
tests:
|
||||
permissions:
|
||||
contents: read
|
||||
pull-requests: read
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
Reference in New Issue
Block a user