Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 6575cba

Browse files
thomasjpfanogrisel
authored and
jpangas
committed
CI Adds permissions to workflows that use GITHUB_TOKEN (scikit-learn#25600)
Co-authored-by: Olivier Grisel <[email protected]>
1 parent 228184d commit 6575cba

File tree

5 files changed

+29
-0
lines changed

5 files changed

+29
-0
lines changed

.github/workflows/artifact-redirector.yml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,12 @@
11
name: CircleCI artifacts redirector
22
on: [status]
3+
4+
# Restrict the permissions granted to the use of secrets.GITHUB_TOKEN in this
5+
# github actions workflow:
6+
# https://docs.github.com/en/actions/security-guides/automatic-token-authentication
7+
permissions:
8+
statuses: write
9+
310
jobs:
411
circleci_artifacts_redirector_job:
512
runs-on: ubuntu-latest

.github/workflows/assign.yml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,12 @@ on:
44
issue_comment:
55
types: created
66

7+
# Restrict the permissions granted to the use of secrets.GITHUB_TOKEN in this
8+
# github actions workflow:
9+
# https://docs.github.com/en/actions/security-guides/automatic-token-authentication
10+
permissions:
11+
issues: write
12+
713
jobs:
814
one:
915
runs-on: ubuntu-latest

.github/workflows/labeler-module.yml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,13 @@ on:
33
pull_request_target:
44
types: [opened]
55

6+
# Restrict the permissions granted to the use of secrets.GITHUB_TOKEN in this
7+
# github actions workflow:
8+
# https://docs.github.com/en/actions/security-guides/automatic-token-authentication
9+
permissions:
10+
contents: read
11+
pull-requests: write
12+
613
jobs:
714
triage:
815
runs-on: ubuntu-latest

.github/workflows/labeler-title-regex.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,9 @@ on:
33
pull_request_target:
44
types: [opened, edited]
55

6+
# Restrict the permissions granted to the use of secrets.GITHUB_TOKEN in this
7+
# github actions workflow:
8+
# https://docs.github.com/en/actions/security-guides/automatic-token-authentication
69
permissions:
710
contents: read
811
pull-requests: write

.github/workflows/unassign.yml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,12 @@ on:
44
issues:
55
types: unassigned
66

7+
# Restrict the permissions granted to the use of secrets.GITHUB_TOKEN in this
8+
# github actions workflow:
9+
# https://docs.github.com/en/actions/security-guides/automatic-token-authentication
10+
permissions:
11+
issues: write
12+
713
jobs:
814
one:
915
runs-on: ubuntu-latest

0 commit comments

Comments
 (0)