Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Add explicit permissions to GitHub Actions#24579

Merged
tacaswell merged 1 commit into
matplotlib:mainfrom
QuLogic:action-permissions
Dec 2, 2022
Merged

Add explicit permissions to GitHub Actions#24579
tacaswell merged 1 commit into
matplotlib:mainfrom
QuLogic:action-permissions

Conversation

@QuLogic
Copy link
Copy Markdown
Member

@QuLogic QuLogic commented Dec 2, 2022

PR Summary

While everything we do is basically public, there's no reason to give the tokens on these jobs full permissions. (Note, once a single item is added, all other permissions are disabled.)

Also update the CircleCI check to the action's latest recommended jobs.

PR Checklist

Documentation and Tests

  • [n/a] Has pytest style unit tests (and pytest passes)
  • [n/a] Documentation is sphinx and numpydoc compliant (the docs should build without error).
  • [n/a] New plotting related features are documented with examples.

Release Notes

  • [n/a] New features are marked with a .. versionadded:: directive in the docstring and documented in doc/users/next_whats_new/
  • [n/a] API changes are marked with a .. versionchanged:: directive in the docstring and documented in doc/api/next_api_changes/
  • [n/a] Release notes conform with instructions in next_whats_new/README.rst or next_api_changes/README.rst

@QuLogic QuLogic added topic: testing Maintenance CI: Run cibuildwheel Run wheel building tests on a PR labels Dec 2, 2022
@QuLogic QuLogic added this to the v3.6.3 milestone Dec 2, 2022
@QuLogic
Add explicit permissions to GitHub Actions
feec9c5 
Also update the CircleCI check to the action's latest recommended jobs.
@QuLogic QuLogic force-pushed the action-permissions branch from 67334d7 to feec9c5 Compare December 2, 2022 06:49
@QuLogic
Copy link
Copy Markdown
Member Author

QuLogic commented Dec 2, 2022
edited
Loading

I threw in a few bugs, and they were correctly reported, so I've removed them now. Not 100% confident on the nightly bits, as the GitHub docs are a bit vague on what the permissions do, but I think they're correct.

@tacaswell tacaswell merged commit 24f9128 into matplotlib:main Dec 2, 2022
@lumberbot-app
Copy link
Copy Markdown

lumberbot-app Bot commented Dec 2, 2022

Owee, I'm MrMeeseeks, Look at me.

There seem to be a conflict, please backport manually. Here are approximate instructions:

  1. Checkout backport branch and update it.
git checkout v3.6.x
git pull
  1. Cherry pick the first parent branch of the this PR on top of the older branch:
git cherry-pick -x -m1 24f912845dd2765c86863945ed9a5fda82ed418b
  1. You will likely have some merge/cherry-pick conflict here, fix them and commit:
git commit -am 'Backport PR #24579: Add explicit permissions to GitHub Actions'
  1. Push to a named branch:
git push YOURFORK v3.6.x:auto-backport-of-pr-24579-on-v3.6.x
  1. Create a PR against branch v3.6.x, I would have named this PR:

"Backport PR #24579 on branch v3.6.x (Add explicit permissions to GitHub Actions)"

And apply the correct labels and milestones.

Congratulations — you did some good work! Hopefully your backport PR will be tested by the continuous integration and merged soon!

Remember to remove the Still Needs Manual Backport label once the PR gets merged.

If these instructions are inaccurate, feel free to suggest an improvement.

tacaswell added a commit to tacaswell/matplotlib that referenced this pull request Dec 2, 2022
@tacaswell
Backport PR matplotlib#24579: Add explicit permissions to GitHub Actions
733d967 
Merge pull request matplotlib#24579 from QuLogic/action-permissions

Add explicit permissions to GitHub Actions

(cherry picked from commit 24f9128)
@tacaswell tacaswell mentioned this pull request Dec 2, 2022
Merged
@QuLogic QuLogic deleted the action-permissions branch December 3, 2022 00:29
QuLogic added a commit that referenced this pull request Dec 3, 2022
@QuLogic
Merge pull request #24587 from tacaswell/auto-backport-of-pr-24579-on…
f902407 
…-v3.6.x

Backport PR #24579: Add explicit permissions to GitHub Actions
@QuLogic QuLogic mentioned this pull request Dec 15, 2022
Merged
1 task
@ksunden ksunden mentioned this pull request Feb 20, 2023
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ksunden ksunden ksunden approved these changes

Assignees

No one assigned

Labels

CI: Run cibuildwheel Run wheel building tests on a PR Maintenance topic: testing

Projects

None yet

Milestone

v3.6.3

Development

Successfully merging this pull request may close these issues.

3 participants

@QuLogic @ksunden @tacaswell