3
0
Fork 0
forked from mirrors/nixpkgs
nixpkgs/.github/workflows
nathannaveen 5deff9583c chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: nathannaveen <42319948+nathannaveen@users.noreply.github.com>
2022-07-04 01:09:50 +00:00
..
backport.yml ci: add warning to actions with writeable GITHUB_TOKEN 2022-03-21 08:54:42 +01:00
basic-eval.yml build(deps): bump cachix/install-nix-action from 16 to 17 2022-04-08 17:59:26 +10:00
direct-push.yml build(deps): bump peter-evans/commit-comment from 1 to 2 2022-03-23 08:24:13 +01:00
editorconfig.yml build(deps): bump cachix/install-nix-action from 16 to 17 2022-04-08 17:59:26 +10:00
labels.yml ci: add warning to actions with writeable GITHUB_TOKEN 2022-03-21 08:54:42 +01:00
manual-nixos.yml build(deps): bump cachix/install-nix-action from 16 to 17 2022-04-08 17:59:26 +10:00
manual-nixpkgs.yml build(deps): bump cachix/install-nix-action from 16 to 17 2022-04-08 17:59:26 +10:00
nixos-manual.yml build(deps): bump cachix/install-nix-action from 16 to 17 2022-04-08 17:59:26 +10:00
no-channel.yml chore: Set permissions for GitHub actions 2022-07-04 01:09:50 +00:00
pending-clear.yml .github/workflow/pending-{set,clear}: switch to curl 2020-08-26 22:04:40 +10:00
pending-set.yml ci: add warning to actions with writeable GITHUB_TOKEN 2022-03-21 08:54:42 +01:00
periodic-merge-6h.yml build(deps): bump peter-evans/create-or-update-comment from 1 to 2 2022-03-23 08:23:37 +01:00
periodic-merge-24h.yml workflows: Replace 21.05 with 22.05 2022-05-23 19:57:42 +02:00
update-terraform-providers.yml chore: Set permissions for GitHub actions 2022-07-04 01:09:50 +00:00