Skip to content

Potential fix for code scanning alert no. 2: Workflow does not contain permissions#21

Merged
danielbentes merged 1 commit into
mainfrom
alert-autofix-2
May 14, 2026
Merged

Potential fix for code scanning alert no. 2: Workflow does not contain permissions#21
danielbentes merged 1 commit into
mainfrom
alert-autofix-2

Conversation

@danielbentes
Copy link
Copy Markdown
Collaborator

@danielbentes danielbentes commented May 14, 2026

Potential fix for https://github.com/synaptiai/uim-protocol/security/code-scanning/2

Add an explicit top-level permissions block in .github/workflows/ci.yml so all jobs inherit minimal token access.
Best fix without changing functionality: set:

  • contents: read

This is sufficient for checkout and typical read-only CI tasks shown here, and does not grant unnecessary write access.
Change location: right after the on: triggers block (before jobs:), so both lint and test jobs inherit it automatically.

No imports, methods, or extra definitions are needed—just YAML configuration.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

@danielbentes @github-advanced-security
Potential fix for code scanning alert no. 2: Workflow does not contai…
2e8b91a 
…n permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@danielbentes danielbentes marked this pull request as ready for review May 14, 2026 06:15
@danielbentes danielbentes merged commit 3b575b7 into main May 14, 2026
6 checks passed
@danielbentes danielbentes deleted the alert-autofix-2 branch May 14, 2026 06:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@danielbentes