simsong / bulk_extractor

This is the development tree. Production downloads are at:

https://github.com/simsong/bulk_extractor/releases

Other

1.04k stars 184 forks source link

Restrict permissions of secrets.GITHUB_TOKEN in workflow #372

Closed jgru closed 1 year ago

jgru commented 1 year ago

Dear Simson,

this PR addresses #371 by restricting permissions of secrets.GITHUB_TOKEN in the workflow file to publish a release. All permissions are removed except the one to write contents, which is needed to place the tarball in the release section according to the documentation.

Best regards, jgru

codecov[bot] commented 1 year ago

Codecov Report

Merging #372 (2c605ea) into main (68f8eb3) will not change coverage. The diff coverage is n/a.

@@           Coverage Diff           @@
##             main     #372   +/-   ##
=======================================
  Coverage   47.69%   47.69%           
=======================================
  Files         112      112           
  Lines       13451    13451           
=======================================
  Hits         6415     6415           
  Misses       7036     7036

:mega: We’re building smart automated test selection to slash your CI/CD build times. Learn more

simsong commented 1 year ago

Closes #371