Task/#104 net 10 upgrade#106
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 5 months ago
To fix this issue, explicitly add a permissions block at the root of the workflow file. Begin by setting the permissions to the lowest possible value (read-only access for contents), and elevate permissions only in those jobs or steps that genuinely require them (such as jobs using actions that upload or download artifacts, though most such actions only require contents: read). Since the workflow mainly restores/builds code, interacts with docker, and uploads/downloads artifacts, contents: read will likely suffice. Set this block immediately after the name: declaration and before the on: block to ensure it applies globally to all jobs, unless overridden by a job-level permissions block.
| @@ -1,4 +1,6 @@ | ||
| name: Release | ||
| permissions: | ||
| contents: read | ||
|
|
||
| on: | ||
| release: |
2 participants
closes #104
closes #105
closes #103