Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Limit top-level permissions for
labeler
workflow
By default the top-level `GITHUB_TOKEN` has all permissions[^1]. This change removes all permissions by default, as recommended by the GitHub Actions security hardening guide[^2]. This change is a low risk test. I plan to modify all other workflows if this works okay. [^1]: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token [^2]: https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#restricting-permissions-for-tokens
- Loading branch information