Skip to content

Update 8hobbies/workflows digest to b569198#202

Merged
renovate[bot] merged 1 commit into
masterfrom
renovate/all-digest
May 4, 2025
Merged

Update 8hobbies/workflows digest to b569198#202
renovate[bot] merged 1 commit into
masterfrom
renovate/all-digest

Conversation

@renovate
Copy link
Copy Markdown
Contributor

@renovate renovate Bot commented May 4, 2025

This PR contains the following updates:

Package Type Update Change
8hobbies/workflows action digest f5c8ef4 -> b569198

Configuration

📅 Schedule: Branch creation - "on Sunday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot enabled auto-merge (squash) May 4, 2025 09:58
@renovate renovate Bot requested a review from xuhdev as a code owner May 4, 2025 09:58
github-advanced-security[bot]
github-advanced-security AI found potential problems May 4, 2025
View reviewed changes
Comment thread .github/workflows/lint.yml
jobs:
lint:
uses: 8hobbies/workflows/.github/workflows/npm-lint.yml@f5c8ef425eb98fbd138800d88fddbbb867b60873
uses: 8hobbies/workflows/.github/workflows/npm-lint.yml@b569198ec9f37a053f8ca8ca4f73cd0659fe2a43

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}

Copilot Autofix

AI about 1 year ago

To fix the issue, we will add a permissions block at the root level of the workflow. Since this is a linting workflow, it likely only requires read access to the repository contents. We will set contents: read as the minimal permission. This ensures that the GITHUB_TOKEN has the least privileges necessary to execute the workflow.

Suggested changeset 1
.github/workflows/lint.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -16,2 +16,5 @@
 
+permissions:
+  contents: read
+
 on:
EOF
@@ -16,2 +16,5 @@

permissions:
contents: read

on:
Copilot is powered by AI and may make mistakes. Always verify output.
Comment thread .github/workflows/publish-dry-run.yml
jobs:
run:
uses: 8hobbies/workflows/.github/workflows/npm-publish-dry-run.yml@f5c8ef425eb98fbd138800d88fddbbb867b60873
uses: 8hobbies/workflows/.github/workflows/npm-publish-dry-run.yml@b569198ec9f37a053f8ca8ca4f73cd0659fe2a43

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}

Copilot Autofix

AI about 1 year ago

To fix the issue, we will add a permissions block at the root level of the workflow. This block will define the minimal permissions required for the workflow to function. Since the workflow is performing a "publish dry run," it likely only needs contents: read permissions to access repository contents. If additional permissions are required, they can be added based on the specific needs of the reusable workflow.

Suggested changeset 1
.github/workflows/publish-dry-run.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/publish-dry-run.yml b/.github/workflows/publish-dry-run.yml
--- a/.github/workflows/publish-dry-run.yml
+++ b/.github/workflows/publish-dry-run.yml
@@ -16,2 +16,5 @@
 
+permissions:
+  contents: read
+
 on:
EOF
@@ -16,2 +16,5 @@

permissions:
contents: read

on:
Copilot is powered by AI and may make mistakes. Always verify output.
Comment thread .github/workflows/runtime.yml
jobs:
test:
uses: 8hobbies/workflows/.github/workflows/npm-runtime.yml@f5c8ef425eb98fbd138800d88fddbbb867b60873
uses: 8hobbies/workflows/.github/workflows/npm-runtime.yml@b569198ec9f37a053f8ca8ca4f73cd0659fe2a43

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}

Copilot Autofix

AI about 1 year ago

To fix the issue, add a permissions block at the root of the workflow file. This block will explicitly define the permissions granted to the GITHUB_TOKEN for all jobs in the workflow. Based on the principle of least privilege, start with contents: read, which is sufficient for most basic CI workflows. If additional permissions are required by the reusable workflow, they can be added explicitly.

Suggested changeset 1
.github/workflows/runtime.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/runtime.yml b/.github/workflows/runtime.yml
--- a/.github/workflows/runtime.yml
+++ b/.github/workflows/runtime.yml
@@ -16,2 +16,5 @@
 
+permissions:
+  contents: read
+
 on:
EOF
@@ -16,2 +16,5 @@

permissions:
contents: read

on:
Copilot is powered by AI and may make mistakes. Always verify output.
@renovate renovate Bot merged commit d616a63 into master May 4, 2025
13 checks passed
@renovate renovate Bot deleted the renovate/all-digest branch May 4, 2025 10:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@xuhdev xuhdev Awaiting requested review from xuhdev xuhdev is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@github-advanced-security