ci: Security hardening for GitHub Actions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

The idea is that the software supply chain relies on 3rd party actions
that could be compromised. Mitigate this risk by giving these actions
minimal rights to the repository. Here read-only access is good enough.
DimitriPapadopoulos authored and adrienverge committed Oct 14, 2022
1 parent 22ddf4c commit 4d271f3
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions .github/workflows/ci.yaml
Expand Up @@ -8,6 +8,9 @@ on: # yamllint disable-line rule:truthy
branches:
- master

permissions:
contents: read

jobs:
lint:
name: Linters
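
Review bot: the new top-level `permissions:` block carries no comment explaining why it is there, so the rationale exists only in the commit message. Consider a one-line comment above it, for example `# Read-only GITHUB_TOKEN: third-party actions need no write access`, so a later editor does not widen it without thinking. Because the block sits at workflow level, it applies to every job under `jobs:`, and any scope not listed is set to none. Only the start of `lint` is visible here, so it is worth confirming that no other job in this file needs a write scope. If one does, grant it with a job-level `permissions:` on that job rather than loosening this default.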
