Add explicit permissions to workflows

DavyJonesLocker / client_side_validations

Client Side Validations made easy for Ruby on Rails

MIT License

2.69k stars 404 forks source link

Add explicit permissions to workflows #900

Closed tagliala closed 1 year ago

tagliala commented 1 year ago

Workflows run with extended set of permissions by default. By specifying any permission explicitly, all others are set to none.

Ref: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

coveralls commented 1 year ago

Coverage: 99.804% (+0.2%) from 99.609% when pulling 6841d0040225485fd138be53e2262b4f01076973 on security/improve-workflows-security into ecd757b1dbcbf828898f9d1f0aa1dab5bf95d17d on main.