Skip to content

Commit

Permalink
GitHub Workflows security hardening (#1451)
Browse files Browse the repository at this point in the history
  • Loading branch information
sashashura authored Oct 10, 2022
1 parent 4024f4d commit 36916f0
Show file tree
Hide file tree
Showing 3 changed files with 6 additions and 0 deletions.
3 changes: 3 additions & 0 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,9 @@ env:
GIT_BRANCH: ${{ github.ref }}
COVERALLS_REPO_TOKEN: ${{ secrets.COVERALLS_REPO_TOKEN }}

permissions:
contents: read # to fetch code (actions/checkout)

jobs:
linting:
runs-on: ubuntu-latest
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/publish.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@ on:
release:
types: [published]

permissions:
contents: read # to checkout the code (actions/checkout)
jobs:
build:
name: Publish to Rubygems
Expand Down
1 change: 1 addition & 0 deletions .github/workflows/refresh_team_page.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ on:
push:
branches: [ main ]

permissions: {}
jobs:
build:
name: Refresh Contributors Stats
Expand Down

0 comments on commit 36916f0

Please sign in to comment.