As described in the issue, this PR sets minimum permissions for GITHUB_TOKEN in GitHub Workflows.
For the coverage workflow, we are setting all permissions to read because the job steps need no permissions.
For the dependabot workflow, we are setting id-token to have write access because we need to get the GITHUB_TOKEN and issues to have write access because we need to create an issue.
For the issue hunt workflow, we are setting id-token to have write access because we need to get the GITHUB_TOKEN and issues to have write access because we need to create a comment on an issue.
Closes https://github.com/goatandsheep/rc/issues/29
As described in the issue, this PR sets minimum permissions for GITHUB_TOKEN in GitHub Workflows.
For the coverage workflow, we are setting all permissions to
read
because the job steps need no permissions. For the dependabot workflow, we are settingid-token
to havewrite
access because we need to get the GITHUB_TOKEN andissues
to havewrite
access because we need to create an issue. For the issue hunt workflow, we are settingid-token
to havewrite
access because we need to get the GITHUB_TOKEN andissues
to havewrite
access because we need to create a comment on an issue.