Skip to content

Commit 9f5e801

Browse files
authored
chore(ci): add explicit permissions to satisfy CodeQL (#60)
1 parent ef12ad6 commit 9f5e801

4 files changed

Lines changed: 13 additions & 0 deletions

File tree

.github/workflows/ci.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,9 @@ on:
1818
- "Sources/**"
1919
- "Tests/**"
2020

21+
permissions:
22+
contents: read
23+
2124
concurrency:
2225
group: validator-${{ github.head_ref }}
2326
cancel-in-progress: true

.github/workflows/conventional-pr.yml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,10 @@ on:
88
- opened
99
- edited
1010
- synchronize
11+
permissions:
12+
contents: read
13+
pull-requests: read
14+
statuses: write
1115
jobs:
1216
lint-pr:
1317
runs-on: ubuntu-latest

.github/workflows/danger.yml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,10 @@ env:
88
LC_CTYPE: en_US.UTF-8
99
LANG: en_US.UTF-8
1010

11+
permissions:
12+
contents: read
13+
pull-requests: write
14+
1115
jobs:
1216
run-danger:
1317
runs-on: ubuntu-latest

.github/workflows/lint.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,8 @@ jobs:
2929
discover-typos:
3030
name: discover-typos
3131
runs-on: macos-15
32+
permissions:
33+
contents: read
3234
env:
3335
DEVELOPER_DIR: /Applications/Xcode_16.4.app/Contents/Developer
3436
steps:

0 commit comments

Comments
 (0)