Skip to content

Commit 9de2b76

Browse files
hiromieguchi802-labSharra-writes
hiromieguchi802-lab
and
Sharra-writes
authored
docs: clarify forked pull request token wording (#43508)
Co-authored-by: hiromieguchi802-lab <270042125+hiromieguchi802-lab@users.noreply.github.com> Co-authored-by: Sharra-writes <sharra-writes@github.com>
1 parent fe09bde commit 9de2b76

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

content/actions/reference/workflows-and-actions/workflow-syntax.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -279,7 +279,7 @@ The value of this parameter is a string specifying the data type of the input. T
279279

280280
## How permissions are calculated for a workflow job
281281

282-
The permissions for the `GITHUB_TOKEN` are initially set to the default setting for the enterprise, organization, or repository. If the default is set to the restricted permissions at any of these levels then this will apply to the relevant repositories. For example, if you choose the restricted default at the organization level then all repositories in that organization will use the restricted permissions as the default. The permissions are then adjusted based on any configuration within the workflow file, first at the workflow level and then at the job level. Finally, if the workflow was triggered by a pull request from a forked repository, and the **Send write tokens to workflows from pull requests** setting is not selected, the permissions are adjusted to change any write permissions to read only.
282+
The permissions for the `GITHUB_TOKEN` are initially set to the default setting for the enterprise, organization, or repository. If the default is set to the restricted permissions at any of these levels then this will apply to the relevant repositories. For example, if you choose the restricted default at the organization level then all repositories in that organization will use the restricted permissions as the default. The permissions are then adjusted based on any configuration within the workflow file, first at the workflow level and then at the job level. Finally, if the workflow was triggered by a pull request event other than `pull_request_target` from a forked repository, and the **Send write tokens to workflows from pull requests** setting is not selected, the permissions are adjusted to change any write permissions to read only.
283283

284284
### Setting the `GITHUB_TOKEN` permissions for all jobs in a workflow
285285

0 commit comments

Comments
 (0)