gnucash maint: Lock down GITHUB_TOKEN permissions on workflows.
John Ralls
jralls at code.gnucash.org
Tue Jun 21 12:43:36 EDT 2022
Updated via https://github.com/Gnucash/gnucash/commit/b11536a1 (commit)
from https://github.com/Gnucash/gnucash/commit/f7cdc196 (commit)
commit b11536a1d6d87ad1c26f7ffc5140c336022dff6d
Author: John Ralls <jralls at ceridwen.us>
Date: Tue Jun 21 09:08:25 2022 -0700
Lock down GITHUB_TOKEN permissions on workflows.
diff --git a/.github/workflows/ci-docker.yml b/.github/workflows/ci-docker.yml
index 95f144a77..707f08e48 100644
--- a/.github/workflows/ci-docker.yml
+++ b/.github/workflows/ci-docker.yml
@@ -1,5 +1,6 @@
name: ci-tests-docker
on: [push, pull_request]
+permissions: {}
jobs:
ci_tests_archlinux:
runs-on: ubuntu-latest
diff --git a/.github/workflows/ci-tests.yml b/.github/workflows/ci-tests.yml
index f49cc1045..1303c17fc 100644
--- a/.github/workflows/ci-tests.yml
+++ b/.github/workflows/ci-tests.yml
@@ -1,5 +1,6 @@
name: ci-tests
on: [push, pull_request]
+permissions: {}
jobs:
ci_tests_ubuntu-18:
runs-on: ubuntu-18.04
diff --git a/.github/workflows/mac-tests.yaml b/.github/workflows/mac-tests.yaml
index 485c996d4..e77621e94 100644
--- a/.github/workflows/mac-tests.yaml
+++ b/.github/workflows/mac-tests.yaml
@@ -1,5 +1,6 @@
name: mac-tests
on: [push, pull_request]
+permissions: {}
jobs:
ci_tests_mac:
runs-on: macos-10.15
Summary of changes:
.github/workflows/ci-docker.yml | 1 +
.github/workflows/ci-tests.yml | 1 +
.github/workflows/mac-tests.yaml | 1 +
3 files changed, 3 insertions(+)
More information about the gnucash-changes
mailing list