Skip to content

Fix 18 code scanning alerts #20

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 28 commits into from
Jul 3, 2025
Merged

Fix 18 code scanning alerts #20

merged 28 commits into from
Jul 3, 2025

Conversation

austenstone
Copy link
Owner

This PR contains autofixes for 18 code scanning alerts from GitHub Advanced Security.

The following alerts were fixed:

Alert # Rule ID Description Severity File Line Message
#18 actions/missing-workflow-permissions Workflow does not contain permissions medium .github/workflows/angular.yml 69 Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{}}
#17 actions/missing-workflow-permissions Workflow does not contain permissions medium .github/workflows/angular.yml 59 Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{}}
#16 actions/missing-workflow-permissions Workflow does not contain permissions medium .github/workflows/angular.yml 50 Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{}}
#15 actions/missing-workflow-permissions Workflow does not contain permissions medium .github/workflows/angular.yml 42 Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{}}
#14 actions/missing-workflow-permissions Workflow does not contain permissions medium .github/workflows/angular.yml 35 Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{}}
#13 actions/missing-workflow-permissions Workflow does not contain permissions medium .github/workflows/angular.yml 29 Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{}}
#12 actions/missing-workflow-permissions Workflow does not contain permissions medium .github/workflows/angular.yml 24 Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{}}
#11 actions/missing-workflow-permissions Workflow does not contain permissions medium .github/workflows/build-test-deploy.yml 12 Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{}}
#10 actions/missing-workflow-permissions Workflow does not contain permissions medium .github/workflows/angular.yml 14 Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{}}
#9 actions/missing-workflow-permissions Workflow does not contain permissions medium .github/workflows/angular.yml 8 Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{}}
#8 actions/missing-workflow-permissions Workflow does not contain permissions medium .github/workflows/angular.terraform.yml 21 Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
#7 actions/missing-workflow-permissions Workflow does not contain permissions medium .github/workflows/angular.test.yml 13 Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
#6 actions/missing-workflow-permissions Workflow does not contain permissions medium .github/workflows/angular.docker.yml 53 Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
#5 actions/missing-workflow-permissions Workflow does not contain permissions medium .github/workflows/angular.lint.yml 8 Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
#4 actions/missing-workflow-permissions Workflow does not contain permissions medium .github/workflows/angular.docker.yml 28 Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
#3 actions/missing-workflow-permissions Workflow does not contain permissions medium .github/workflows/angular.build.yml 17 Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}
#2 actions/missing-workflow-permissions Workflow does not contain permissions medium .github/workflows/angular.azure.web.static.deploy.yml 16 Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{}}
#1 actions/missing-workflow-permissions Workflow does not contain permissions medium .github/workflows/angular.azure.web.app.deploy.yml 16 Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{}}

Please review the changes before merging.

austenstone and others added 28 commits July 3, 2025 18:54
@austenstone @github-advanced-security
Potential fix for code scanning alert no. 18
e85a3c1 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Austen Stone <austenstone@github.com>
@austenstone
Merge refs/heads/alert-autofix-18 into autofixes
241fbe0
@austenstone @github-advanced-security
Potential fix for code scanning alert no. 16
8e212f3 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Austen Stone <austenstone@github.com>
@austenstone
Merge refs/heads/alert-autofix-16 into autofixes
11b2307
@austenstone @github-advanced-security
Potential fix for code scanning alert no. 15
e448236 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Austen Stone <austenstone@github.com>
@austenstone
Merge refs/heads/alert-autofix-15 into autofixes
e641524
@austenstone @github-advanced-security
Potential fix for code scanning alert no. 14
89d004e 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Austen Stone <austenstone@github.com>
@austenstone
Merge refs/heads/alert-autofix-14 into autofixes
49ed792
@austenstone @github-advanced-security
Potential fix for code scanning alert no. 13
a11e383 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Austen Stone <austenstone@github.com>
@austenstone
Merge refs/heads/alert-autofix-13 into autofixes
dedfeee
@austenstone @github-advanced-security
Potential fix for code scanning alert no. 12
14c5e79 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Austen Stone <austenstone@github.com>
@austenstone
Merge refs/heads/alert-autofix-12 into autofixes
ec2b88d
@austenstone @github-advanced-security
Potential fix for code scanning alert no. 11
43bdcb3 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Austen Stone <austenstone@github.com>
@austenstone
Merge refs/heads/alert-autofix-11 into autofixes
d437c01
@austenstone @github-advanced-security
Potential fix for code scanning alert no. 8
6b6ffa2 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Austen Stone <austenstone@github.com>
@austenstone
Merge refs/heads/alert-autofix-8 into autofixes
1f9af02
@austenstone @github-advanced-security
Potential fix for code scanning alert no. 6
f0d0d32 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Austen Stone <austenstone@github.com>
@austenstone
Merge refs/heads/alert-autofix-6 into autofixes
43b6e77
@austenstone @github-advanced-security
Potential fix for code scanning alert no. 5
0b4bf78 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Austen Stone <austenstone@github.com>
@austenstone
Merge refs/heads/alert-autofix-5 into autofixes
f3ebb13
@austenstone @github-advanced-security
Potential fix for code scanning alert no. 4
3509acb 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Austen Stone <austenstone@github.com>
@austenstone
Merge refs/heads/alert-autofix-4 into autofixes
7bf1626
@austenstone @github-advanced-security
Potential fix for code scanning alert no. 3
d17d82c 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Austen Stone <austenstone@github.com>
@austenstone
Merge refs/heads/alert-autofix-3 into autofixes
abec95e
@austenstone @github-advanced-security
Potential fix for code scanning alert no. 2
6fa029b 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Austen Stone <austenstone@github.com>
@austenstone
Merge refs/heads/alert-autofix-2 into autofixes
91a0a28
@austenstone @github-advanced-security
Potential fix for code scanning alert no. 1
4ac0172 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Austen Stone <austenstone@github.com>
@austenstone
Merge refs/heads/alert-autofix-1 into autofixes
6412c3a
@austenstone austenstone merged commit 1b966ef into main Jul 3, 2025
5 checks passed
@austenstone austenstone deleted the autofixes branch July 3, 2025 22:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@austenstone