mirror of
https://github.com/actions/download-artifact.git
synced 2024-12-22 22:32:43 +00:00
Add permissions declarations
This commit is contained in:
parent
ffa637dcd4
commit
c3c8e4145a
4 changed files with 13 additions and 0 deletions
3
.github/workflows/check-dist.yml
vendored
3
.github/workflows/check-dist.yml
vendored
|
@ -6,6 +6,9 @@
|
||||||
# We need to make sure the checked-in `index.js` actually matches what we expect it to be.
|
# We need to make sure the checked-in `index.js` actually matches what we expect it to be.
|
||||||
name: Check dist/
|
name: Check dist/
|
||||||
|
|
||||||
|
permissions:
|
||||||
|
contents: read
|
||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
branches:
|
branches:
|
||||||
|
|
4
.github/workflows/codeql-analysis.yml
vendored
4
.github/workflows/codeql-analysis.yml
vendored
|
@ -1,5 +1,9 @@
|
||||||
name: "Code scanning - action"
|
name: "Code scanning - action"
|
||||||
|
|
||||||
|
permissions:
|
||||||
|
contents: read
|
||||||
|
security-events: write
|
||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
branches-ignore: "dependabot/**"
|
branches-ignore: "dependabot/**"
|
||||||
|
|
3
.github/workflows/licensed.yml
vendored
3
.github/workflows/licensed.yml
vendored
|
@ -1,5 +1,8 @@
|
||||||
name: Licensed
|
name: Licensed
|
||||||
|
|
||||||
|
permissions:
|
||||||
|
contents: read
|
||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
branches:
|
branches:
|
||||||
|
|
3
.github/workflows/test.yml
vendored
3
.github/workflows/test.yml
vendored
|
@ -7,6 +7,9 @@ on:
|
||||||
paths-ignore:
|
paths-ignore:
|
||||||
- '**.md'
|
- '**.md'
|
||||||
|
|
||||||
|
permissions:
|
||||||
|
contents: read
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
test:
|
test:
|
||||||
name: Build and Test
|
name: Build and Test
|
||||||
|
|
Loading…
Reference in a new issue