Suggestion: Use granular permission for writing contents

[felladrin]

When using granular permissions in the workflow file, we don't need to change Repository Settings >> Actions.

To make use of granular permissions, we need to add the following in the workflow job:

permissions:
    contents: write

So schedules.yml would become:

name: update awesome-stars
on:
  workflow_dispatch:
  schedule:
  - cron: 30 0 * * *
jobs:
  awesome-stars:
    name: update awesome-stars
    runs-on: ubuntu-latest
+   permissions:
+     contents: write
    steps:
    - uses: actions/checkout@v3
    - name: Set up Python
      uses: actions/setup-python@v4
      with:
        python-version: '3.10'
    - name: Install dependencies
      run: |
        python -m pip install --upgrade pip
        pip install starred
    - name: get repository name
      run: echo "REPOSITORY_NAME=${GITHUB_REPOSITORY#*/}" >> $GITHUB_ENV
    - name: update repo category by language
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        REPOSITORY: ${{ env.REPOSITORY_NAME }}
        USERNAME: ${{ github.repository_owner }}
      run: starred --username ${USERNAME} --repository ${REPOSITORY} --sort --token ${GITHUB_TOKEN} --message 'awesome-stars category by language update by github actions cron, created by starred'
    - name: update repo category by topic
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        REPOSITORY: ${{ env.REPOSITORY_NAME }}
        USERNAME: ${{ github.repository_owner }}
      run: starred --username ${USERNAME} --repository ${REPOSITORY} --sort --token ${GITHUB_TOKEN} --message 'awesome-stars category by topic update by github actions cron, created by starred' --topic --topic_limit 500 --filename topics.md

By adding these two lines, you'll be able to remove this step from the Readme:

https://github.com/maguowei/starred/blob/3e1e0117f4f20443918db45e7f239519cb5925af/README.md#L74-L76

---

You can see it working here, while Repository Settings >> Actions remains with the default config: