From 143f34220d7ed33257a43bde4a466f4038370c68 Mon Sep 17 00:00:00 2001 From: Diogo Teles Sant'Anna Date: Fri, 29 Dec 2023 18:55:46 -0300 Subject: [PATCH] Set minimal permissions at security-audit.yml (#994) --- .github/workflows/security-audit.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/security-audit.yml b/.github/workflows/security-audit.yml index 5231e443..9052f60d 100644 --- a/.github/workflows/security-audit.yml +++ b/.github/workflows/security-audit.yml @@ -9,8 +9,15 @@ on: schedule: - cron: "0 0 * * *" +permissions: # added using https://github.com/step-security/secure-repo + contents: read + jobs: security_audit: + permissions: + checks: write # for actions-rs/audit-check to create check + contents: read # for actions/checkout to fetch code + issues: write # for actions-rs/audit-check to create issues name: Security Audit runs-on: ubuntu-latest steps: