From 1fdfbbb83d097afdd0aac6727ceba2a34858c158 Mon Sep 17 00:00:00 2001 From: johnson2427 Date: Wed, 8 May 2024 15:29:16 -0500 Subject: [PATCH 1/2] fix: permissions in workflows --- .github/workflows/commitlint.yaml | 3 +++ .github/workflows/draft.yaml | 4 ++++ .github/workflows/publish.yaml | 3 +++ .github/workflows/test.yaml | 9 +++++++++ .github/workflows/title.yaml | 3 +++ 5 files changed, 22 insertions(+) diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml index 3b8de5e1..a7894c2a 100644 --- a/.github/workflows/commitlint.yaml +++ b/.github/workflows/commitlint.yaml @@ -8,6 +8,9 @@ jobs: check: runs-on: ubuntu-latest + permissions: + contents: write + steps: - uses: actions/checkout@v4 with: diff --git a/.github/workflows/draft.yaml b/.github/workflows/draft.yaml index 423582b6..75d5ef38 100644 --- a/.github/workflows/draft.yaml +++ b/.github/workflows/draft.yaml @@ -8,6 +8,10 @@ on: jobs: update-draft: runs-on: ubuntu-latest + + permissions: + contents: write + steps: # Drafts your next Release notes as Pull Requests are merged into "main" - uses: release-drafter/release-drafter@v5 diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 2c550693..da44be59 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -9,6 +9,9 @@ jobs: runs-on: ubuntu-latest + permissions: + contents: write + steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 00f14bdd..bc7c0ff1 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -6,6 +6,9 @@ jobs: linting: runs-on: ubuntu-latest + permissions: + contents: write + steps: - uses: actions/checkout@v4 @@ -29,6 +32,9 @@ jobs: type-check: runs-on: ubuntu-latest + permissions: + contents: write + steps: - uses: actions/checkout@v4 @@ -46,6 +52,9 @@ jobs: functional: runs-on: ${{ matrix.os }} + permissions: + contents: write + strategy: matrix: # TODO: Replace with macos-latest when works again. diff --git a/.github/workflows/title.yaml b/.github/workflows/title.yaml index 53496aff..99d95c18 100644 --- a/.github/workflows/title.yaml +++ b/.github/workflows/title.yaml @@ -11,6 +11,9 @@ jobs: check: runs-on: ubuntu-latest + permissions: + contents: write + steps: - uses: actions/checkout@v4 From e4373336caa869a1a6478b0c2dfc68c3f66cc328 Mon Sep 17 00:00:00 2001 From: johnson2427 Date: Wed, 8 May 2024 15:39:21 -0500 Subject: [PATCH 2/2] fix: unnecessary permissions --- .github/workflows/commitlint.yaml | 3 --- .github/workflows/test.yaml | 9 --------- .github/workflows/title.yaml | 3 --- 3 files changed, 15 deletions(-) diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml index a7894c2a..3b8de5e1 100644 --- a/.github/workflows/commitlint.yaml +++ b/.github/workflows/commitlint.yaml @@ -8,9 +8,6 @@ jobs: check: runs-on: ubuntu-latest - permissions: - contents: write - steps: - uses: actions/checkout@v4 with: diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index bc7c0ff1..00f14bdd 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -6,9 +6,6 @@ jobs: linting: runs-on: ubuntu-latest - permissions: - contents: write - steps: - uses: actions/checkout@v4 @@ -32,9 +29,6 @@ jobs: type-check: runs-on: ubuntu-latest - permissions: - contents: write - steps: - uses: actions/checkout@v4 @@ -52,9 +46,6 @@ jobs: functional: runs-on: ${{ matrix.os }} - permissions: - contents: write - strategy: matrix: # TODO: Replace with macos-latest when works again. diff --git a/.github/workflows/title.yaml b/.github/workflows/title.yaml index 99d95c18..53496aff 100644 --- a/.github/workflows/title.yaml +++ b/.github/workflows/title.yaml @@ -11,9 +11,6 @@ jobs: check: runs-on: ubuntu-latest - permissions: - contents: write - steps: - uses: actions/checkout@v4