Skip to content

security: add permissions block to workflows#207

Merged
v1v merged 1 commit into
mainfrom
gh-oblt/add-permission-block-to-workflows
Feb 26, 2024
Merged

security: add permissions block to workflows#207
v1v merged 1 commit into
mainfrom
gh-oblt/add-permission-block-to-workflows

Conversation

@reakaleek

Copy link
Copy Markdown
Member

Details

⚠️ This PR was created by an automated tool. Please review the changes carefully. ⚠️

We want to set the default permissions for workflows to read-only for contents.
This is a security measure to prevent accidental changes to the repository.

This change adds a top-level permissions block to all workflows in the .github/workflows directory.

permissions:
  contents: read

In some cases workflows might need more permissions than just contents: read.
Please checkout this branch and add the necessary permissions to the workflows.

If your workflow uses a Personal Access Token (PAT), we can still add the permissions block,
but it will not have any effect.

Merging this PR as is might cause workflows that need more permissions to fail.

If there are any questions, please reach out to the @elastic/observablt-ci

@reakaleek reakaleek self-assigned this Feb 17, 2024
@reakaleek reakaleek requested a review from a team February 17, 2024 19:33
@v1v v1v merged commit 79842ec into main Feb 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants