Skip to content

Potential fix for code scanning alert no. 2: Workflow does not contain permissions#5

Merged
washu merged 1 commit into
mainfrom
alert-autofix-2
May 13, 2026
Merged

Potential fix for code scanning alert no. 2: Workflow does not contain permissions#5
washu merged 1 commit into
mainfrom
alert-autofix-2

Conversation

@washu

@washu washu commented May 13, 2026

Copy link
Copy Markdown
Owner

Potential fix for https://github.com/washu/solid_queue_mongoid/security/code-scanning/2

Add an explicit permissions block at the workflow root so it applies to all jobs (test and compatibility) without changing behavior.
The minimal required permission here is:

  • contents: read

Place it after the on: section (or near top-level keys) in .github/workflows/ci.yml. No imports, methods, or dependencies are needed.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

…n permissions

fix permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@washu washu marked this pull request as ready for review May 13, 2026 18:05
@washu washu merged commit c1ae63b into main May 13, 2026
14 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant