Add specific permissions to workflows under .github/workflows (#704)

* Restrict permissions for the GITHUB_TOKEN in .github/workflows/release.yml * Restrict permissions for the GITHUB_TOKEN in .github/workflows/test.yml Co-authored-by: Step Security <bot@stepsecurity.io>
2022-02-19 19:53:11 -08:00 · 2022-02-19 19:53:11 -08:00 · 22e46b846c
parent 496b2c02c5
commit 22e46b846c
2 changed files with 4 additions and 0 deletions
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -21,6 +21,8 @@ on:
      - ".github/workflows/*.yml"
 jobs:
  build:
+    permissions:
+      contents: write
    strategy:
      matrix:
        # Include amd64 on all platforms.
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@ -19,6 +19,8 @@ on:

 jobs:
  test:
+    permissions:
+      contents: read
    runs-on: ${{ matrix.os }}
    strategy:
      fail-fast: false