diff options
author | Marti Maria <marti.maria@littlecms.com> | 2023-05-03 20:42:58 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-05-03 20:42:58 +0200 |
commit | 5ac2593ca31ca78857e8e4bf0a2a097b654d7f98 (patch) | |
tree | fa1864c901905a3e1835a1623b9c7ae111e1edf2 | |
parent | 2dec6845c7b40340ce4ca11ab6205586d01023ed (diff) | |
parent | 474bcc1f6a691904a6733819e73fee0fa269fa77 (diff) | |
download | lcms2-5ac2593ca31ca78857e8e4bf0a2a097b654d7f98.tar.gz |
Merge pull request #378 from diogoteles08/ci/set-workflows-permissions
ci: set minimal permissions to GitHub Workflows
Look great, thank you!
-rw-r--r-- | .github/workflows/build.yml | 2 | ||||
-rw-r--r-- | .github/workflows/codeql-analysis.yml | 6 |
2 files changed, 8 insertions, 0 deletions
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9c34210..3b78131 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -6,6 +6,8 @@ concurrency: group: ${{ github.workflow }}-${{ github.job }}-${{ github.ref }} cancel-in-progress: true +permissions: read-all + jobs: Ubuntu: diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 37da696..1527837 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -14,10 +14,16 @@ on: schedule: - cron: '0 6 * * 5' +permissions: read-all + jobs: analyze: name: Analyze runs-on: ubuntu-latest + permissions: + actions: read # for github/codeql-action/init to get workflow details + contents: read # for actions/checkout to fetch code + security-events: write # for github/codeql-action/autobuild to send a status report strategy: fail-fast: false |