joachim/FileRise
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

CI: set least-privileged GITHUB_TOKEN (permissions: contents: read)

Browse Source
This commit is contained in:
Ryan
2025-10-09 00:09:27 -04:00
committed by GitHub
parent c22c8e0f34
commit f2ab2a96bc
3 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/ci.yml vendored
View File

@@ -6,6 +6,9 @@ name: CI
pull_request: pull_request:
workflow_dispatch: workflow_dispatch:
permissions:
contents: read
concurrency: concurrency:
group: ci-${{ github.ref }} group: ci-${{ github.ref }}
cancel-in-progress: true cancel-in-progress: true
@@ -62,7 +65,7 @@ jobs:
with: with:
dockerfile: Dockerfile dockerfile: Dockerfile
failure-threshold: error failure-threshold: error
ignore: DL3008,DL3059 ignore: DL3008,DL3059
sanity: sanity:
runs-on: ubuntu-latest runs-on: ubuntu-latest
@@ -87,4 +90,3 @@ jobs:
else else
echo "No YAML files." echo "No YAML files."
fi fi

1
.github/workflows/sync-changelog.yml vendored
View File

@@ -42,4 +42,3 @@ jobs:
git commit -m "chore: sync CHANGELOG.md from FileRise" git commit -m "chore: sync CHANGELOG.md from FileRise"
git push origin main git push origin main
fi fi

1
docker-compose.yml
View File

@@ -41,4 +41,3 @@ services:
timeout: 5s timeout: 5s
retries: 3 retries: 3
start_period: 20s start_period: 20s