Skip to content

ci(ci): do not pass secrets to reusable workflow#32

Merged
Fdawgs merged 1 commit into
mainfrom
ci/ci-secrets
May 22, 2026
Merged

ci(ci): do not pass secrets to reusable workflow#32
Fdawgs merged 1 commit into
mainfrom
ci/ci-secrets

Conversation

@Fdawgs

@Fdawgs Fdawgs commented May 22, 2026

Copy link
Copy Markdown
Owner

Excessive secret inheritance as the underlying workflow doesn't need any of them.

Checklist

Copilot AI review requested due to automatic review settings May 22, 2026 10:02
@Fdawgs Fdawgs changed the title ci(ci): do not pass secrets to resusable workflow ci(ci): do not pass secrets to reusable workflow May 22, 2026

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR reduces secret exposure in CI by removing unnecessary secret inheritance when calling the reusable code-quality workflow, aligning with least-privilege principles for GitHub Actions.

Changes:

  • Removed secrets: inherit from the code-quality reusable workflow invocation in CI.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@Fdawgs Fdawgs merged commit fce81fc into main May 22, 2026
6 checks passed
@Fdawgs Fdawgs deleted the ci/ci-secrets branch May 22, 2026 10:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants