mirror of
https://github.com/gradle/actions.git
synced 2026-04-19 18:12:58 +08:00
Limit token permissions in GitHub workflows (#440)
See https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/docs/checks.md#token-permissions
This commit is contained in:
@@ -7,11 +7,13 @@ on:
|
||||
workflow_dispatch:
|
||||
|
||||
permissions:
|
||||
contents: write
|
||||
pull-requests: write
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
update-checksums:
|
||||
permissions:
|
||||
contents: write
|
||||
pull-requests: write
|
||||
name: Update checksums
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
|
||||
Reference in New Issue
Block a user