net 10 upgrade completed#369
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 5 months ago
To fix the problem, you should add the permissions block to the root of the workflow YAML file so that it applies to all jobs which do not have their own job-level permissions. In this case, none of the jobs appear to perform modifications to the repository or require write access except for uploading and downloading artifacts (which use their own APIs and do not require repo write access). Therefore, the minimal permissions required are likely contents: read. You should insert the permissions block immediately below the workflow name at the top of the file. No code outside the workflow YAML needs to change. No new methods, imports, or definitions are necessary.
| @@ -1,4 +1,6 @@ | ||
| name: Release | ||
| permissions: | ||
| contents: read | ||
|
|
||
| on: | ||
| release: |
2 participants
closes #366
closes #367
closes #368