mirrors/Xray-core
1
0
Fork 0
mirror of https://github.com/XTLS/Xray-core.git synced 2024-09-28 20:26:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add specific permissions to workflows under .github/workflows (#704)

Browse Source 
* Restrict permissions for the GITHUB_TOKEN in .github/workflows/release.yml

* Restrict permissions for the GITHUB_TOKEN in .github/workflows/test.yml

Co-authored-by: Step Security <bot@stepsecurity.io>
This commit is contained in:
Varun Sharma 2022-02-19 19:53:11 -08:00 committed by GitHub
parent 496b2c02c5
commit 22e46b846c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/release.yml vendored
View File

@ -21,6 +21,8 @@ on:
- ".github/workflows/*.yml" - ".github/workflows/*.yml"
jobs: jobs:
build: build:
permissions:
contents: write
strategy: strategy:
matrix: matrix:
# Include amd64 on all platforms. # Include amd64 on all platforms.

2
.github/workflows/test.yml vendored
View File

@ -19,6 +19,8 @@ on:
jobs: jobs:
test: test:
permissions:
contents: read
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
strategy: strategy:
fail-fast: false fail-fast: false