You are viewing a plain text version of this content. The canonical link for it is here.

Posted to github@beam.apache.org by GitBox <gi...@apache.org> on 2022/06/29 00:29:53 UTC

[GitHub] [beam] naveensrinivasan opened a new pull request, #22090: chore: Set permissions for GitHub actions

naveensrinivasan opened a new pull request, #22090:
URL: https://github.com/apache/beam/pull/22090

    Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
   
   - Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
   
   https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
   
   https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
   
   [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
   
   Signed-off-by: naveen <17...@users.noreply.github.com>
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@beam.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [beam] github-actions[bot] commented on pull request #22090: chore: Set permissions for GitHub actions

Posted by GitBox <gi...@apache.org>.

github-actions[bot] commented on PR #22090:
URL: https://github.com/apache/beam/pull/22090#issuecomment-1236334255

   This pull request has been closed due to lack of activity. If you think that is incorrect, or the pull request requires review, you can revive the PR at any time.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@beam.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [beam] github-actions[bot] commented on pull request #22090: chore: Set permissions for GitHub actions

Posted by GitBox <gi...@apache.org>.

github-actions[bot] commented on PR #22090:
URL: https://github.com/apache/beam/pull/22090#issuecomment-1229450319

   This pull request has been marked as stale due to 60 days of inactivity. It will be closed in 1 week if no further activity occurs. If you think that’s incorrect or this pull request requires a review, please simply write any comment. If closed, you can revive the PR at any time and @mention a reviewer or discuss it on the dev@beam.apache.org list. Thank you for your contributions.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@beam.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [beam] asf-ci commented on pull request #22090: chore: Set permissions for GitHub actions

Posted by GitBox <gi...@apache.org>.

asf-ci commented on PR #22090:
URL: https://github.com/apache/beam/pull/22090#issuecomment-1169412265

   Can one of the admins verify this patch?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@beam.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [beam] asf-ci commented on pull request #22090: chore: Set permissions for GitHub actions

Posted by GitBox <gi...@apache.org>.

asf-ci commented on PR #22090:
URL: https://github.com/apache/beam/pull/22090#issuecomment-1169412268

   Can one of the admins verify this patch?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@beam.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [beam] asf-ci commented on pull request #22090: chore: Set permissions for GitHub actions

Posted by GitBox <gi...@apache.org>.

asf-ci commented on PR #22090:
URL: https://github.com/apache/beam/pull/22090#issuecomment-1169412263

   Can one of the admins verify this patch?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@beam.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [beam] asf-ci commented on pull request #22090: chore: Set permissions for GitHub actions

Posted by GitBox <gi...@apache.org>.

asf-ci commented on PR #22090:
URL: https://github.com/apache/beam/pull/22090#issuecomment-1169412262

   Can one of the admins verify this patch?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@beam.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [beam] asf-ci commented on pull request #22090: chore: Set permissions for GitHub actions

Posted by GitBox <gi...@apache.org>.

asf-ci commented on PR #22090:
URL: https://github.com/apache/beam/pull/22090#issuecomment-1169412264

   Can one of the admins verify this patch?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@beam.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [beam] github-actions[bot] closed pull request #22090: chore: Set permissions for GitHub actions

Posted by GitBox <gi...@apache.org>.

github-actions[bot] closed pull request #22090: chore: Set permissions for GitHub actions
URL: https://github.com/apache/beam/pull/22090


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@beam.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org