Closed ericcornelissen closed 2 years ago
Thanks for reporting! (TIL that there is a permissions
option.)
Maybe we can add this near this line?
Note that the Action has to be used in a Job that runs on a UNIX system (eg.
ubuntu-latest
).
Maybe something along the lines of:
If you modify the default permission of the
GITHUB_TOKEN
, give the workflow or job at least thecontents: write
permission.
Feel free to submit a PR for this.
Not a problem - I also just learned about it over the weekend. I'll open a PR in a bit going off of your suggestions :slightly_smiling_face:
If
permissions: read-all
(or something similar, ref) is set at the top-level of a workflow this action won't work. It would be helpful if the documentation included a description of the minimum set of permissions required by this action. From my testing, it seems the minimum required permission iscontent: write
(ref). So, a full example would be:I can draft a paragraph on this topic and add it with a Pull Request, but I'm not sure where in the README it should go.