Mirrors/clap
2
0
Fork 0
mirror of https://github.com/clap-rs/clap synced 2024-11-10 14:54:15 +00:00
Code Issues Projects Releases Packages Wiki Activity
clap/.github
History
naveensrinivasan 45c8b67cdb
Set permissions for GitHub actions 
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

 Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-04-15 14:51:52 +00:00
..
ISSUE_TEMPLATE chore(gh): Update list of crates in scope of issue tracker 2022-02-08 16:57:45 +03:00
workflows Set permissions for GitHub actions 2022-04-15 14:51:52 +00:00
dependabot.yml chore(gh): Update labels 2021-12-06 10:24:03 -06:00
FUNDING.yml chore: Align on boilerplate 2021-11-17 15:24:50 -06:00
PULL_REQUEST_TEMPLATE.md docs: Try to steer people to better practices 2022-02-05 09:18:05 -06:00
settings.yml chore(gh): Plan for a new label 2021-12-08 19:19:31 -06:00