Mirrors/clap
2
0
Fork 0
mirror of https://github.com/clap-rs/clap synced 2024-12-14 06:42:33 +00:00
Code Issues Projects Releases Packages Wiki Activity
clap/.github/workflows
History
naveensrinivasan 45c8b67cdb
Set permissions for GitHub actions 
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

 Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-04-15 14:51:52 +00:00
..
audit.yml chore: Align on boilerplate 2021-11-17 15:24:50 -06:00
ci.yml Set permissions for GitHub actions 2022-04-15 14:51:52 +00:00
committed.yml chore(ci): Document job's role 2021-12-07 17:45:57 -06:00
post-release.yml Set permissions for GitHub actions 2022-04-15 14:51:52 +00:00
pre-commit.yml chore(ci): Run pre-commit on correct branch 2021-12-07 17:45:57 -06:00
release-notes.py chore(gh): Automate release creation 2022-01-01 12:43:24 -06:00
rust-next.yml Set permissions for GitHub actions 2022-04-15 14:51:52 +00:00
spelling.yml Set permissions for GitHub actions 2022-04-15 14:51:52 +00:00