From 44e2fb4cd5b3aca00526af5c13d8ba81de1590aa Mon Sep 17 00:00:00 2001 From: Arto Jonsson Date: Tue, 19 Aug 2025 09:27:46 +0300 Subject: [PATCH] =?UTF-8?q?=F0=9F=94=A7=20Set=20workflow=20permissions?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/pre-commit.yml | 2 ++ .github/workflows/release.yml | 1 + .github/workflows/test.yml | 2 ++ 3 files changed, 5 insertions(+) diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 40399a2..b4dceee 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -10,6 +10,8 @@ jobs: pre-commit: runs-on: ubuntu-latest timeout-minutes: 5 + permissions: + contents: read steps: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 9f9445e..abd5f49 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,6 +11,7 @@ jobs: environment: release timeout-minutes: 60 permissions: + contents: read # IMPORTANT: this permission is mandatory for trusted publishing id-token: write steps: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index aa78446..3bb4db7 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -14,6 +14,8 @@ jobs: test: runs-on: ubuntu-latest timeout-minutes: 15 + permmissions: + contents: read strategy: matrix: python-version: