From 22e46b846c9cce3c0e2f804091116d906fe52b7c Mon Sep 17 00:00:00 2001
From: Varun Sharma
Date: Sat, 19 Feb 2022 19:53:11 -0800
Subject: [PATCH] Add specific permissions to workflows under .github/workflows (#704)
* Restrict permissions for the GITHUB_TOKEN in .github/workflows/release.yml
* Restrict permissions for the GITHUB_TOKEN in .github/workflows/test.yml
Co-authored-by: Step Security
---
 .github/workflows/release.yml | 2 ++
 .github/workflows/test.yml | 2 ++
 2 files changed, 4 insertions(+)
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 73639cdd..6d48a70c 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -21,6 +21,8 @@ on:
 - ".github/workflows/*.yml"
 jobs:
 build:
+ permissions:
+ contents: write
 strategy:
 matrix:
 # Include amd64 on all platforms.
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 340702fb..82dcfeb3 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -19,6 +19,8 @@ on:
 jobs:
 test:
+ permissions:
+ contents: read
 runs-on: ${{ matrix.os }}
 strategy:
 fail-fast: false
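Review bot: `contents: write` is granted to the whole `build` matrix job in release.yml, so every step in every matrix leg, including any third-party action, runs with a token that can push commits and modify releases. The trigger context (`- ".github/workflows/*.yml"` under `on:`) suggests the workflow also runs on path-filtered pushes or pull requests rather than only on releases; the `on:` block and the job's steps lie outside the hunk, so this is inferred. Consider leaving `build` at `contents: read` and moving the asset upload into its own job that alone declares `contents: write`. Separately, both this hunk and the `test` job in test.yml set permissions only at job level; a workflow-level `permissions:` with `contents: read` above `jobs:` would also cover jobs added later, unless one already exists outside the hunks.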
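Review bot: Declaring `contents: read` on `test` in test.yml sets every unlisted GITHUB_TOKEN scope to `none`, so any step in this job that posts a check, a status or a pull-request comment with the token would start failing with a 403. The job's steps are outside the hunk, so confirm that none of them needs more than read access to the repository contents. A short comment above the block, e.g. `# token is only used to check out the repository`, would record why the scope is this narrow.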