Skip to content

Commit cf2869f

Browse files
fix(ci): set minimal permissions for test workflow (#127)
Potential fix for [https://github.com/CoderCoco/game-server-deploy/security/code-scanning/12](https://github.com/CoderCoco/game-server-deploy/security/code-scanning/12) Add an explicit `permissions` block to `.github/workflows/test.yml` at the workflow root so it applies to all jobs (including `test`) unless overridden. For this workflow, the best minimal permission is: - `contents: read` This is sufficient for `actions/checkout` and typical test execution, and it documents least privilege without changing functionality. Edit region: near the top-level keys (`name`, `on`, `jobs`) in `.github/workflows/test.yml`, inserting `permissions` between `on` and `jobs` (or anywhere at root level). No imports, methods, or additional definitions are needed. _Suggested fixes powered by Copilot Autofix. Review carefully before merging._ Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
1 parent 1fd8247 commit cf2869f

1 file changed

Lines changed: 3 additions & 0 deletions

File tree

.github/workflows/test.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,9 @@ on:
55
push:
66
branches: [main]
77

8+
permissions:
9+
contents: read
10+
811
jobs:
912
test:
1013
runs-on: ubuntu-latest

0 commit comments

Comments
 (0)