Skip to content

Commit f2472b4

Browse files
Harden Github Action configuration (#3)
* Potential fix for code scanning alert no. 2: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> * fix permissions, add --provenance with perms, based our node images from .nvmrc --------- Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
1 parent 67e925a commit f2472b4

3 files changed

Lines changed: 9 additions & 4 deletions

File tree

.github/workflows/cd.yml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,10 @@ on:
44
push:
55
branches: [main]
66

7+
permissions:
8+
contents: read
9+
id-token: write
10+
711
jobs:
812
build-test-publish:
913
runs-on: ubuntu-latest

.github/workflows/ci.yml

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -3,8 +3,9 @@ name: CI
33
on:
44
pull_request:
55
branches: [main]
6-
push:
7-
branches: [main]
6+
7+
permissions:
8+
contents: read
89

910
jobs:
1011
build-and-test:
@@ -15,7 +16,7 @@ jobs:
1516
- name: Set up Node.js
1617
uses: actions/setup-node@v4
1718
with:
18-
node-version: 20
19+
node-version: 22
1920

2021
- name: Clean install
2122
run: |

package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44
"description": "MCP for Devvit things",
55
"license": "BSD-3-Clause",
66
"author": "Marcus Wood",
7-
"bugs": "https://github.com/modelcontextprotocol/servers/issues",
7+
"bugs": "https://github.com/reddit/devvit-mcp/issues",
88
"type": "module",
99
"bin": {
1010
"devvit-mcp": "dist/index.js"

0 commit comments

Comments
 (0)