{
"name": "Token-Permissions",
"score": 0,
"reason": "detected GitHub workflow tokens with excessive permissions",
"details": [
"Warn: jobLevel 'actions' permission set to 'write': .github/workflows/pr-gh-workflow-approve.yaml:19",
"Warn: no topLevel permission defined: .github/workflows/kind-e2e.yaml:1",
"Warn: no topLevel permission defined: .github/workflows/knative-go-build.yaml:1",
"Warn: no topLevel permission defined: .github/workflows/knative-go-test.yaml:1",
"Warn: no topLevel permission defined: .github/workflows/knative-security.yaml:1",
"Warn: no topLevel permission defined: .github/workflows/knative-stale.yaml:1",
"Warn: no topLevel permission defined: .github/workflows/knative-style.yaml:1",
"Warn: no topLevel permission defined: .github/workflows/knative-verify.yaml:1",
"Info: found token with 'none' permissions: .github/workflows/pr-gh-workflow-approve.yaml:1"
]
}
Seven of the listed workflows declare no top-level permissions block, so the GITHUB_TOKEN in those runs receives the repository's default workflow permissions rather than a minimal set, and the score for this particular check of the OpenSSF Scorecard is zero. The score can reach 10 once every workflow sets read-only permissions at the top level (i.e. minimal permissions, such as permissions: contents: read, or permissions: read-all), with any write scope granted only inside the individual job that needs it. The job-level actions: write in pr-gh-workflow-approve.yaml is the scope required to approve pending workflow runs, which is what that workflow does; the check still warns about it because it treats actions as a high-risk scope, while the Info line shows the file already keeps its top-level token at 'none', which is the recommended pattern for such elevation. More details on this check:
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
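The following added example (not Scorecard's code and not part of the original page) reproduces the kind of findings shown above on three constructed workflow files: one with no top-level permissions, one that keeps the top-level token at none and elevates a single job to actions: write, and one with a read-only contents: read top level. The scoring function is a deliberately simplified approximation of the check's documented rules (missing permissions at both levels, or a top-level write on a high-risk scope, gives 0), so it is an assumption to compare against the linked documentation rather than a reimplementation. The file names and YAML contents are constructed and are not Knative's actual workflows.

```python
"""Minimal GitHub Actions token-permissions linter (added example, not Scorecard's code).

Workflow files are scanned with a purpose-built reader for the block-mapping
subset of YAML that permission blocks use, so no third-party YAML library is needed.
"""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Union

# Scopes whose write access the Scorecard docs treat as high risk (push code,
# publish packages, approve pending workflow runs).
HIGH_RISK = {"contents", "packages", "actions"}

# `<indent><key>: <value>`; list items ("- uses: ...") deliberately do not match.
KEY_RE = re.compile(r"^(\s*)([A-Za-z0-9_.-]+):\s*(.*?)\s*$")

Perms = Union[str, Dict[str, str]]  # 'read-all' / 'write-all', or scope -> level


@dataclass
class Report:
    path: str
    top_level: Optional[Perms] = None            # None: no top-level block at all
    job_level: Dict[str, Perms] = field(default_factory=dict)
    findings: List[str] = field(default_factory=list)


def _parse_permissions(lines: List[str], start: int, indent: int) -> Perms:
    """Parse the `permissions:` key at lines[start] (indented `indent` spaces)."""
    scalar = KEY_RE.match(lines[start]).group(3)
    if scalar:
        return {} if scalar == "{}" else scalar   # `permissions: {}` grants nothing
    perms: Dict[str, str] = {}
    for line in lines[start + 1:]:
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        m = KEY_RE.match(line)
        if not m or len(m.group(1)) <= indent:
            break                                 # back at parent indentation: block over
        perms[m.group(2)] = m.group(3)
    return perms


def analyze_workflow(path: str, text: str) -> Report:
    """Emit Scorecard-style Warn/Info lines for one workflow file."""
    lines = text.splitlines()
    report = Report(path)
    in_jobs, job = False, None
    for i, line in enumerate(lines, start=1):
        m = KEY_RE.match(line)
        if not m:
            continue
        indent, key = len(m.group(1)), m.group(2)
        if indent == 0:                           # top-level key
            in_jobs, job = key == "jobs", None
            if key == "permissions":
                report.top_level = _parse_permissions(lines, i - 1, 0)
        elif in_jobs and indent == 2:             # a job id under `jobs:`
            job = key
        elif in_jobs and indent == 4 and key == "permissions" and job:
            perms = _parse_permissions(lines, i - 1, 4)
            report.job_level[job] = perms
            if perms == "write-all":
                report.findings.append(f"Warn: jobLevel permissions set to 'write-all': {path}:{i}")
            elif isinstance(perms, dict):
                for scope, level in perms.items():
                    if level == "write" and scope in HIGH_RISK:
                        report.findings.append(
                            f"Warn: jobLevel '{scope}' permission set to 'write': {path}:{i}")
    top = report.top_level
    if top is None:
        report.findings.append(f"Warn: no topLevel permission defined: {path}:1")
    elif top == "write-all":
        report.findings.append(f"Warn: topLevel permissions set to 'write-all': {path}:1")
    elif isinstance(top, dict) and any(v == "write" for v in top.values()):
        for scope, level in top.items():
            if level == "write":
                report.findings.append(f"Warn: topLevel '{scope}' permission set to 'write': {path}:1")
    else:
        report.findings.append(f"Info: topLevel token permissions are 'none' or read-only: {path}:1")
    return report


def score(reports: List[Report]) -> int:
    """Simplified approximation of the check's scoring (assumption, not Scorecard's code).

    A workflow with no permissions at either level, or a top-level write on a
    high-risk scope / write-all, gives 0; otherwise 10. Fractional deductions
    and job-level penalties of the real check are ignored here.
    """
    for r in reports:
        if r.top_level is None and not r.job_level:
            return 0
        top = r.top_level
        if top == "write-all" or (isinstance(top, dict) and any(
                lvl == "write" and scope in HIGH_RISK for scope, lvl in top.items())):
            return 0
    return 10


# Constructed sample workflows (illustrative, not Knative's real files).
NO_TOP_LEVEL = """\
name: e2e
on: pull_request
jobs:
  e2e:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: ./test/e2e-tests.sh
"""

JOB_LEVEL_WRITE = """\
name: approve workflow runs
on: pull_request_target
permissions: {}
jobs:
  approve:
    runs-on: ubuntu-latest
    permissions:
      actions: write
    steps:
      - run: echo approving
"""

READ_ONLY_TOP_LEVEL = """\
name: build
on: push
permissions:
  contents: read
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: go build ./...
"""

if __name__ == "__main__":
    files = {"no-permissions.yaml": NO_TOP_LEVEL,
             "job-level-write.yaml": JOB_LEVEL_WRITE,
             "read-only.yaml": READ_ONLY_TOP_LEVEL}
    reports = [analyze_workflow(p, t) for p, t in files.items()]
    for r in reports:
        print("\n".join(r.findings))
    print("score:", score(reports))
```

Running it prints one Warn for the missing top-level block, one Warn for the job-level actions: write, Info lines for the two files whose top level is none or read-only, and a score of 0; dropping no-permissions.yaml from the input raises the score to 10, which is the fix the paragraph above describes.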