tedkulp/PrivateBin
1
0
Fork 0
mirror of https://github.com/PrivateBin/PrivateBin.git synced 2026-04-21 22:17:44 -04:00
Code Issues Packages Projects Releases Wiki Activity

apply explicit permissions as per CodeQL suggestion

Browse Source 
as per rule ID actions/missing-workflow-permissions
This commit is contained in:
El RIDO
2025-10-10 15:07:44 +02:00
parent bab4d50cd4
commit 7eec8caae3
5 changed files with 20 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/codeql-analysis.yml
+4
View File
@@ -18,6 +18,10 @@ on:
schedule:
- cron: '28 22 * * 5'
permissions:
contents: read
security-events: write
jobs:
analyze:
name: Analyze
.github/workflows/release.yml
+4
View File
@@ -4,8 +4,12 @@ on:
push:
tags: '[0-9]+.[0-9]?[0-9]?[0-9]?.?[0-9]+'
permissions: {}
jobs:
draft:
permissions:
contents: write
runs-on: ubuntu-latest
steps:
- name: Fetch changelog from tag
.github/workflows/snyk-scan.yml
+5
View File
@@ -8,6 +8,11 @@ on:
branches: [ master ]
pull_request:
branches: [ master ]
permissions:
contents: read
security-events: write
jobs:
# https://github.com/snyk/actions/tree/master/php
snyk-php:
.github/workflows/tests.yml
+3
View File
@@ -1,8 +1,11 @@
name: Tests
on:
push:
workflow_dispatch:
permissions: {}
jobs:
Composer: