actions/ghaction-upx
1
0
Fork 0
mirror of https://github.com/crazy-max/ghaction-upx.git synced 2025-08-31 15:25:46 -06:00
Code Issues Packages Projects Releases Wiki Activity

ci: set contents read as default workflow permissions

Browse Source
This commit is contained in:
CrazyMax 2025-03-02 16:18:40 +01:00
parent d0b058af6b
commit 05f1368902
No known key found for this signature in database
GPG Key ID: ADE44D8C9D44FBE4
5 changed files with 29 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/ci.yml vendored
View File

@ -4,6 +4,10 @@ concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
permissions:
contents: read
on:
schedule:
- cron: '0 10 * * *'

9
.github/workflows/labels.yml vendored
View File

@ -4,6 +4,10 @@ concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
permissions:
contents: read
on:
push:
branches:
@ -19,6 +23,11 @@ on:
jobs:
labeler:
runs-on: ubuntu-latest
permissions:
# same as global permissions
contents: read
# required to update labels
issues: write
steps:
-
name: Checkout

4
.github/workflows/test.yml vendored
View File

@ -4,6 +4,10 @@ concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
permissions:
contents: read
on:
push:
branches:

8
.github/workflows/upx-releases-json.yml vendored
View File

@ -4,6 +4,10 @@ concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
permissions:
contents: read
on:
workflow_dispatch:
schedule:
@ -27,6 +31,10 @@ jobs:
open-pr:
runs-on: ubuntu-22.04
if: github.event_name != 'pull_request'
permissions:
# required to create PR
contents: write
pull-requests: write
needs:
- generate
steps:

4
.github/workflows/validate.yml vendored
View File

@ -4,6 +4,10 @@ concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
permissions:
contents: read
on:
push:
branches: