Files · b29b9e8e29b4d96e8c1e3de1e902d56fab3e5320 · lvzhengyang / git2

chore: Set permissions for GitHub actions · b29b9e8e

 Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: nathannaveen <42319948+nathannaveen@users.noreply.github.com>

committed Jul 03, 2022

b29b9e8e

Name	Last commit	Last update
.devcontainer		Loading commit data...
.github		Loading commit data...
.vscode		Loading commit data...
ci		Loading commit data...
cmake		Loading commit data...
deps		Loading commit data...
docs		Loading commit data...
examples		Loading commit data...
fuzzers		Loading commit data...
include		Loading commit data...
script		Loading commit data...
src		Loading commit data...
tests		Loading commit data...
.HEADER		Loading commit data...
.clang-format		Loading commit data...
.editorconfig		Loading commit data...
.gitattributes		Loading commit data...
.gitignore		Loading commit data...
.mailmap		Loading commit data...
AUTHORS		Loading commit data...
CMakeLists.txt		Loading commit data...
COPYING		Loading commit data...
README.md		Loading commit data...
SECURITY.md		Loading commit data...
api.docurium		Loading commit data...
git.git-authors		Loading commit data...
package.json		Loading commit data...

README.md