From 01d7c932a09db57edc686c4f0b2f74c7c4e5e4ca Mon Sep 17 00:00:00 2001
From: Florian Hockmann <fh@florian-hockmann.de>
Date: Wed, 24 Apr 2024 14:55:19 +0200
Subject: [PATCH] Fix linter after updating

The linter now complains about duplicate code that
just consists of our license header and using.
Ignoring the using should fix that.

It now also checks whether a GitHub workflow has
too many permissions. We should limit those in
general to what is actually needed.

Signed-off-by: Florian Hockmann <fh@florian-hockmann.de>
---
 .dependency_license           |  1 +
 .github/workflows/dotnet.yml  | 10 ++++++++--
 .github/workflows/license.yml |  6 +++++-
 .github/workflows/linter.yml  |  9 ++++++++-
 .jscpd.json                   |  3 +++
 5 files changed, 25 insertions(+), 4 deletions(-)
 create mode 100644 .jscpd.json

diff --git a/.dependency_license b/.dependency_license
index 7f22d2a..69a8ad9 100644
--- a/.dependency_license
+++ b/.dependency_license
@@ -23,3 +23,4 @@ JanusGraph.Net.sln, Apache-2.0
 JanusGraph logomark color RGB.png, Apache-2.0
 CONTRIBUTORS.txt, Apache-2.0
 appsettings.json, Apache-2.0
+.jscpd.json, Apache-2.0
diff --git a/.github/workflows/dotnet.yml b/.github/workflows/dotnet.yml
index 71e16f3..a84afd0 100644
--- a/.github/workflows/dotnet.yml
+++ b/.github/workflows/dotnet.yml
@@ -24,13 +24,17 @@ on:
     types:
       - published
 
+permissions: { }
+
 env:
   NUGET_KEY: ${{ secrets.NUGET_KEY }}
   NUGET_FEED: https://api.nuget.org/v3/index.json
 
 jobs:
   build:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
 
     steps:
       - uses: actions/checkout@v4
@@ -55,7 +59,9 @@ jobs:
   deploy:
     needs: build
     if: github.event_name == 'release'
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
 
     steps:
       - name: Download Artifact
diff --git a/.github/workflows/license.yml b/.github/workflows/license.yml
index 2653c57..43662b1 100644
--- a/.github/workflows/license.yml
+++ b/.github/workflows/license.yml
@@ -18,9 +18,13 @@ name: License Validation
 on:
   pull_request: { }
 
+permissions: { }
+
 jobs:
   weasel:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
     steps:
       - name: Checkout
         uses: actions/checkout@v4
diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml
index b3bf2ee..fc6c43f 100644
--- a/.github/workflows/linter.yml
+++ b/.github/workflows/linter.yml
@@ -19,9 +19,16 @@ on:
   pull_request: { }
   push: { }
 
+permissions: { }
+
 jobs:
   check:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: read
+      # To report GitHub Actions status checks
+      statuses: write
     steps:
       - name: Checkout Code
         uses: actions/checkout@v4
diff --git a/.jscpd.json b/.jscpd.json
new file mode 100644
index 0000000..cfcd3da
--- /dev/null
+++ b/.jscpd.json
@@ -0,0 +1,3 @@
+{
+  "ignore-pattern": ["using\\s.*\\;"]
+}
\ No newline at end of file