delta/python-coveragepy-git.git/.github/workflows/cancel.yml, branch 6.4 github.com: nedbat/coveragepy.git build: Set permissions for GitHub actions (#1369) 2022-05-03T09:33:34+00:00 Naveen 172697+naveensrinivasan@users.noreply.github.com 2022-05-03T09:33:34+00:00 9ef7d3c4b1fc451bee5a18b10b74f4cabb1e048d Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much. - Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com> 
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
 build(deps): bump styfle/cancel-workflow-action from 0.6.0 to 0.9.1 2022-01-17T19:48:47+00:00 dependabot[bot] 49699333+dependabot[bot]@users.noreply.github.com 2022-01-17T18:51:16+00:00 26678262c2f0cf2b8a619dd1e60600d241aae2aa Bumps [styfle/cancel-workflow-action](https://github.com/styfle/cancel-workflow-action) from 0.6.0 to 0.9.1. - [Release notes](https://github.com/styfle/cancel-workflow-action/releases) - [Commits](https://github.com/styfle/cancel-workflow-action/compare/0.6.0...0.9.1) --- updated-dependencies: - dependency-name: styfle/cancel-workflow-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> 
Bumps [styfle/cancel-workflow-action](https://github.com/styfle/cancel-workflow-action) from 0.6.0 to 0.9.1.
- [Release notes](https://github.com/styfle/cancel-workflow-action/releases)
- [Commits](https://github.com/styfle/cancel-workflow-action/compare/0.6.0...0.9.1)

---
updated-dependencies:
- dependency-name: styfle/cancel-workflow-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 style: fix typos discovered by codespell (#1197) 2021-08-01T10:52:42+00:00 Christian Clauss cclauss@me.com 2021-08-01T10:52:42+00:00 f3059761830a0716504b04d25a4045c2f4ef4402 python3 -m pip install codespell codespell --ignore-words-list="ba,cant,datas,hart,linke,ned,nin,overthere,upto" --skip="*.js" * Fix typos discovered by codespell * datas * intgers ==> integers 
python3 -m pip install codespell

codespell --ignore-words-list="ba,cant,datas,hart,linke,ned,nin,overthere,upto" --skip="*.js"

* Fix typos discovered by codespell

* datas

* intgers ==> integers
 build: make yaml syntax more uniform 2021-02-25T11:22:31+00:00 Ned Batchelder ned@nedbatchelder.com 2021-02-25T02:01:55+00:00 6c802eabcc79c0995ea7bde307527cf13f5f6a8c 






Auto-cancel workflows when pushing to a branch
2020-12-05T19:07:53+00:00

Ned Batchelder
ned@nedbatchelder.com

2020-12-05T18:22:46+00:00

802f60c8df2034913db242323a8d0b3a15abe5eb