Commit cf2869f
fix(ci): set minimal permissions for test workflow (#127)
Potential fix for
[https://github.com/CoderCoco/game-server-deploy/security/code-scanning/12](https://github.com/CoderCoco/game-server-deploy/security/code-scanning/12)
Add an explicit `permissions` block to `.github/workflows/test.yml` at
the workflow root so it applies to all jobs (including `test`) unless
overridden.
For this workflow, the best minimal permission is:
- `contents: read`
This is sufficient for `actions/checkout` and typical test execution,
and it documents least privilege without changing functionality.
Edit region: near the top-level keys (`name`, `on`, `jobs`) in
`.github/workflows/test.yml`, inserting `permissions` between `on` and
`jobs` (or anywhere at root level).
No imports, methods, or additional definitions are needed.
_Suggested fixes powered by Copilot Autofix. Review carefully before
merging._
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>1 parent 1fd8247 commit cf2869f
1 file changed
Lines changed: 3 additions & 0 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
5 | 5 | | |
6 | 6 | | |
7 | 7 | | |
| 8 | + | |
| 9 | + | |
| 10 | + | |
8 | 11 | | |
9 | 12 | | |
10 | 13 | | |
| |||
0 commit comments