You are viewing a plain text version of this content. The canonical link for it is here.
Posted to github@beam.apache.org by GitBox <gi...@apache.org> on 2022/06/29 00:29:53 UTC
[GitHub] [beam] naveensrinivasan opened a new pull request, #22090: chore: Set permissions for GitHub actions
naveensrinivasan opened a new pull request, #22090:
URL: https://github.com/apache/beam/pull/22090
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
Signed-off-by: naveen <17...@users.noreply.github.com>
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: github-unsubscribe@beam.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [beam] github-actions[bot] commented on pull request #22090: chore: Set permissions for GitHub actions
Posted by GitBox <gi...@apache.org>.
github-actions[bot] commented on PR #22090:
URL: https://github.com/apache/beam/pull/22090#issuecomment-1236334255
This pull request has been closed due to lack of activity. If you think that is incorrect, or the pull request requires review, you can revive the PR at any time.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: github-unsubscribe@beam.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [beam] github-actions[bot] commented on pull request #22090: chore: Set permissions for GitHub actions
Posted by GitBox <gi...@apache.org>.
github-actions[bot] commented on PR #22090:
URL: https://github.com/apache/beam/pull/22090#issuecomment-1229450319
This pull request has been marked as stale due to 60 days of inactivity. It will be closed in 1 week if no further activity occurs. If you think that’s incorrect or this pull request requires a review, please simply write any comment. If closed, you can revive the PR at any time and @mention a reviewer or discuss it on the dev@beam.apache.org list. Thank you for your contributions.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: github-unsubscribe@beam.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [beam] asf-ci commented on pull request #22090: chore: Set permissions for GitHub actions
Posted by GitBox <gi...@apache.org>.
asf-ci commented on PR #22090:
URL: https://github.com/apache/beam/pull/22090#issuecomment-1169412265
Can one of the admins verify this patch?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: github-unsubscribe@beam.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [beam] asf-ci commented on pull request #22090: chore: Set permissions for GitHub actions
Posted by GitBox <gi...@apache.org>.
asf-ci commented on PR #22090:
URL: https://github.com/apache/beam/pull/22090#issuecomment-1169412268
Can one of the admins verify this patch?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: github-unsubscribe@beam.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [beam] asf-ci commented on pull request #22090: chore: Set permissions for GitHub actions
Posted by GitBox <gi...@apache.org>.
asf-ci commented on PR #22090:
URL: https://github.com/apache/beam/pull/22090#issuecomment-1169412263
Can one of the admins verify this patch?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: github-unsubscribe@beam.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [beam] asf-ci commented on pull request #22090: chore: Set permissions for GitHub actions
Posted by GitBox <gi...@apache.org>.
asf-ci commented on PR #22090:
URL: https://github.com/apache/beam/pull/22090#issuecomment-1169412262
Can one of the admins verify this patch?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: github-unsubscribe@beam.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [beam] asf-ci commented on pull request #22090: chore: Set permissions for GitHub actions
Posted by GitBox <gi...@apache.org>.
asf-ci commented on PR #22090:
URL: https://github.com/apache/beam/pull/22090#issuecomment-1169412264
Can one of the admins verify this patch?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: github-unsubscribe@beam.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [beam] github-actions[bot] closed pull request #22090: chore: Set permissions for GitHub actions
Posted by GitBox <gi...@apache.org>.
github-actions[bot] closed pull request #22090: chore: Set permissions for GitHub actions
URL: https://github.com/apache/beam/pull/22090
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: github-unsubscribe@beam.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org