Closed dashpole closed 2 months ago
See https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
Files: .github/workflows/ci.yml, .github/workflows/codeql-analysis.yml
We should define read-only top-level permissions by adding:
permissions: read-all
Then, we should add per-job permissions that specify read or write for each required category.
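
An added example, not taken from this repository's workflows, of the layout the issue describes, applied to a CodeQL workflow. The job name, triggers and action versions are assumptions.

```yaml
# Illustrative layout for .github/workflows/codeql-analysis.yml.
# Job name, triggers and action versions are assumptions, not the project's own.
name: CodeQL
on:
  push:
    branches: [main]
  pull_request:

# Top-level default: the GITHUB_TOKEN is read-only for every job
# that does not declare its own permissions block.
permissions: read-all

jobs:
  analyze:
    runs-on: ubuntu-latest
    # A job-level block replaces the top-level default for this job;
    # any scope not listed here is set to none.
    permissions:
      actions: read           # read workflow run metadata
      contents: read          # check out the repository
      security-events: write  # upload CodeQL results to code scanning
    steps:
      - uses: actions/checkout@v4
      - uses: github/codeql-action/init@v3
      - uses: github/codeql-action/autobuild@v3
      - uses: github/codeql-action/analyze@v3
```

A job in ci.yml that only builds and tests would usually need no more than `contents: read` in its own block.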