Set default workflow permissions for dependabot through settings? #121941
Unanswered
nadav-lord
asked this question in
Actions
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Select Topic Area
Product Feedback
Body
Hey all. In our organization we make a fairly extensive use of Github Actions for our CI/CD flows, and we set our workflow permissions through the org / repo settings. However, we also use dependabot which automatically opens PRs which go through our CI. These CI workflows may fail because by default the dependabot permissions are read-only and some actions may need write permissions. There are at least a couple of ways to circumvent this, such as adding permissions explicitly to the workflow or setting the token of the action explicitly, but we were wondering if it's not worth it to be able to set dependabot's default workflow permissions through the org / repo settings just the way you set them in the regular default workflow permissions section under Actions settings.
Beta Was this translation helpful? Give feedback.
All reactions