diff options
| author | Linus Färnstrand <linus@mullvad.net> | 2024-08-29 14:27:54 +0200 |
|---|---|---|
| committer | Linus Färnstrand <linus@mullvad.net> | 2024-08-29 14:27:54 +0200 |
| commit | f1d9dd3bf9dab8bd9e08daac7f36980b3c332dfb (patch) | |
| tree | 8cf0f1e9821ff55a5342063e1f28b73820964a17 /.github | |
| parent | a77e48d75207d70272f8f38224682571dce02aac (diff) | |
| parent | c2d8128c31c77a504d3c68eb45850f8323489d66 (diff) | |
| download | mullvadvpn-f1d9dd3bf9dab8bd9e08daac7f36980b3c332dfb.tar.xz mullvadvpn-f1d9dd3bf9dab8bd9e08daac7f36980b3c332dfb.zip | |
Merge branch 'fix-ci-permissions'
Diffstat (limited to '.github')
| -rw-r--r-- | .github/workflows/ios-rust-ffi.yml | 3 | ||||
| -rw-r--r-- | .github/workflows/osv-scanner-pr.yml | 14 | ||||
| -rw-r--r-- | .github/workflows/osv-scanner-scheduled.yml | 14 |
3 files changed, 19 insertions, 12 deletions
diff --git a/.github/workflows/ios-rust-ffi.yml b/.github/workflows/ios-rust-ffi.yml index d847e688ff..04f9a78d32 100644 --- a/.github/workflows/ios-rust-ffi.yml +++ b/.github/workflows/ios-rust-ffi.yml @@ -7,6 +7,9 @@ on: - clippy.toml - '**/*.rs' workflow_dispatch: + +permissions: {} + jobs: build-ios: runs-on: macos-latest diff --git a/.github/workflows/osv-scanner-pr.yml b/.github/workflows/osv-scanner-pr.yml index 8280222c8d..f4e2d09d0c 100644 --- a/.github/workflows/osv-scanner-pr.yml +++ b/.github/workflows/osv-scanner-pr.yml @@ -5,14 +5,16 @@ on: pull_request: workflow_dispatch: -permissions: - # Require writing security events to upload SARIF file to security tab - security-events: write - # Only need to read contents - contents: read - actions: read +permissions: {} jobs: scan-pr: + permissions: + # Require writing security events to upload SARIF file to security tab + security-events: write + # Only need to read contents + contents: read + actions: read + # yamllint disable rule:line-length uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@dfa8609a7da62968d73f63f279418e504c1f523f" # v1.8.1 diff --git a/.github/workflows/osv-scanner-scheduled.yml b/.github/workflows/osv-scanner-scheduled.yml index 017af19e7e..7df091337a 100644 --- a/.github/workflows/osv-scanner-scheduled.yml +++ b/.github/workflows/osv-scanner-scheduled.yml @@ -8,14 +8,16 @@ on: branches: [main] workflow_dispatch: -permissions: - # Require writing security events to upload SARIF file to security tab - security-events: write - # Only need to read contents - contents: read - actions: read +permissions: {} jobs: scan-scheduled: + permissions: + # Require writing security events to upload SARIF file to security tab + security-events: write + # Only need to read contents + contents: read + actions: read + # yamllint disable rule:line-length uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@dfa8609a7da62968d73f63f279418e504c1f523f" # v1.8.1 |
