gh-127785: Limit check labels github action permission #130596
Conversation
|
All commit authors signed the Contributor License Agreement. |
|
Most changes to Python require a NEWS entry. Add one using the blurb_it web app or the blurb command-line tool. If this change has little impact on Python users, wait for a maintainer to apply the |
|
Thanks @shenxianpeng for the PR, and @AA-Turner for merging it 🌮🎉.. I'm working now to backport this PR to: 3.13. |
|
Thanks @shenxianpeng for the PR, and @AA-Turner for merging it 🌮🎉.. I'm working now to backport this PR to: 3.12. |
|
Sorry, @shenxianpeng and @AA-Turner, I could not cleanly backport this to |
|
Sorry, @shenxianpeng and @AA-Turner, I could not cleanly backport this to |
|
@shenxianpeng Please could you take care of the backports? Thanks! |
…ython#130596) (cherry picked from commit 5ba69e7)
…flow (pythonGH-130596) (cherry picked from commit 5ba69e7) Co-authored-by: shenxianpeng <[email protected]>
|
GH-130623 is a backport of this pull request to the 3.12 branch. |
|
GH-130623 is a backport of this pull request to the 3.13 branch. |
|
GH-130624 is a backport of this pull request to the 3.12 branch. |
|
GH-130625 is a backport of this pull request to the 3.12 branch. |
Sure, I've already taken care of the backports. |
) (#130625) Co-authored-by: Adam Turner <[email protected]>
) (#130623) Co-authored-by: shenxianpeng <[email protected]>
The workflow checks for labels on pull requests using the
mheap/github-action-required-labelsaction. Since this action only reads PR labels without modifying them, it does not require write permissions.I tested it in my test-repo/pull/11, removed
issues: writeand changedpull-requests: writetopull-requests: readto limit permissions, The workflow functioned as expected.require-pr-label.ymlworkflow #127785