Skip to content

docs: More restrictive permissions #280

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 13 commits into from
Mar 25, 2025
Merged

docs: More restrictive permissions #280

merged 13 commits into from
Mar 25, 2025

Conversation

zMynxx
Copy link
Contributor

@zMynxx zMynxx commented Mar 23, 2025
edited
Loading

Description

Updated the GitHub Actions workflows to use permissions scope at the job-level (dedicated) instead of workflow level (shared) in case anyone copy-paste and adds some more jobs to the flow.
Updated the url provided in case of a non-compliant commit message, to have it resolved properly.

Type of change

  • Bug fix
  • Security

Changes required

  • Source code
  • CI/CD
  • GitHub Actions

How Has This Been Tested?

Screenshot 2025-03-25 at 11 00 29

@zMynxx
Copy link
Contributor Author

zMynxx commented Mar 24, 2025

removed the checkout, not needed

amannn
amannn reviewed Mar 25, 2025
View reviewed changes
Copy link
Owner

@amannn amannn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for proposing this!

@zMynxx zMynxx requested a review from amannn March 25, 2025 09:48
zMynxx
zMynxx commented Mar 25, 2025
View reviewed changes
@zMynxx
Revert to secrets.GITHUB_TOKEN
ce8d088 
changed back to using secrets.GITHUB_TOKEN as requested by owner
@zMynxx zMynxx changed the title docs(workflows): updated README.md security(workflows): permissions-block Mar 25, 2025
@zMynxx zMynxx changed the title security(workflows): permissions-block ci(workflows): permissions-block Mar 25, 2025
@zMynxx zMynxx changed the title ci(workflows): permissions-block ci: workflows permissions-block Mar 25, 2025
amannn
amannn approved these changes Mar 25, 2025
View reviewed changes
Copy link
Owner

@amannn amannn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot!

src/index.js
@@ -118,7 +118,7 @@ module.exports = async function run() {
});
} catch (error) {
throw new Error(
`Pull request has only one commit and it's not semantic; this may lead to a non-semantic commit in the base branch (see https://github.com/community/community/discussions/16271). Amend the commit message to match the pull request title, or add another commit.`
`Pull request has only one commit and it's not semantic; this may lead to a non-semantic commit in the base branch (see https://github.com/community/community/discussions/16271 ). Amend the commit message to match the pull request title, or add another commit.`
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@amannn amannn changed the title ci: workflows permissions-block docs: More restrictive permissions Mar 25, 2025
@amannn amannn merged commit 04501d4 into amannn:main Mar 25, 2025
31 of 32 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@amannn amannn amannn approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@zMynxx @amannn