You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@logging.apache.org by vy...@apache.org on 2022/04/19 20:58:08 UTC

[logging-log4j2] branch release-2.x updated: LOG4J2-3369 Make build and CodeQL workflows read-only.

This is an automated email from the ASF dual-hosted git repository.

vy pushed a commit to branch release-2.x
in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git


The following commit(s) were added to refs/heads/release-2.x by this push:
     new 32e0df1ba2 LOG4J2-3369 Make build and CodeQL workflows read-only.
32e0df1ba2 is described below

commit 32e0df1ba2849caf465e8bf59c9e96faa3b73fe9
Author: Volkan Yazıcı <vo...@yazi.ci>
AuthorDate: Tue Apr 19 22:58:03 2022 +0200

    LOG4J2-3369 Make build and CodeQL workflows read-only.
---
 .github/workflows/build.yml           | 2 ++
 .github/workflows/codeql-analysis.yml | 3 +++
 2 files changed, 5 insertions(+)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index c060723487..3281ddebbd 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -21,6 +21,8 @@ on:
       - release-2.x
   pull_request:
 
+permissions: read-all
+
 jobs:
   build:
 
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index a614873584..87f16cf0cc 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -25,7 +25,10 @@ on:
   schedule:
     - cron: '32 12 * * 5'
 
+permissions: read-all
+
 jobs:
+
   analyze:
     name: Analyze
     runs-on: ubuntu-latest