You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@whimsical.apache.org by se...@apache.org on 2022/10/04 15:23:57 UTC

[whimsy] branch master updated: [StepSecurity] ci: Harden GitHub Actions (#168)

This is an automated email from the ASF dual-hosted git repository.

sebb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/whimsy.git


The following commit(s) were added to refs/heads/master by this push:
     new 1a037ac4 [StepSecurity] ci: Harden GitHub Actions (#168)
1a037ac4 is described below

commit 1a037ac4d2f9e9ea420e47e0b96f26448faf1d08
Author: Step Security Bot <bo...@stepsecurity.io>
AuthorDate: Tue Oct 4 08:23:52 2022 -0700

    [StepSecurity] ci: Harden GitHub Actions (#168)
    
    * [StepSecurity] ci: Harden GitHub Actions in npmtest.yml
    
    * [StepSecurity] ci: Harden GitHub Actions in unittestagenda.yml
    
    * [StepSecurity] ci: Harden GitHub Actions in unittestlib.yml
    
    * [StepSecurity] ci: Harden GitHub Actions in unittestnavigation.yml
---
 .github/workflows/npmtest.yml            | 3 +++
 .github/workflows/unittestagenda.yml     | 3 +++
 .github/workflows/unittestlib.yml        | 3 +++
 .github/workflows/unittestnavigation.yml | 3 +++
 4 files changed, 12 insertions(+)

diff --git a/.github/workflows/npmtest.yml b/.github/workflows/npmtest.yml
index c5255815..0e081131 100644
--- a/.github/workflows/npmtest.yml
+++ b/.github/workflows/npmtest.yml
@@ -6,6 +6,9 @@ on:
 
   workflow_dispatch:
 
+permissions:  # added using https://github.com/step-security/secure-workflows
+  contents: read
+
 jobs:
   test:
     strategy:
diff --git a/.github/workflows/unittestagenda.yml b/.github/workflows/unittestagenda.yml
index f1d5df95..ecd5789a 100644
--- a/.github/workflows/unittestagenda.yml
+++ b/.github/workflows/unittestagenda.yml
@@ -8,6 +8,9 @@ on:
 
   workflow_dispatch:
 
+permissions:  # added using https://github.com/step-security/secure-workflows
+  contents: read
+
 jobs:
   test:
     strategy:
diff --git a/.github/workflows/unittestlib.yml b/.github/workflows/unittestlib.yml
index 54ab1490..20a47082 100644
--- a/.github/workflows/unittestlib.yml
+++ b/.github/workflows/unittestlib.yml
@@ -7,6 +7,9 @@ on:
 
   workflow_dispatch:
 
+permissions:  # added using https://github.com/step-security/secure-workflows
+  contents: read
+
 jobs:
   test:
     strategy:
diff --git a/.github/workflows/unittestnavigation.yml b/.github/workflows/unittestnavigation.yml
index 62a879ca..22e5015a 100644
--- a/.github/workflows/unittestnavigation.yml
+++ b/.github/workflows/unittestnavigation.yml
@@ -3,6 +3,9 @@ name: Unit test navigation
 on:
   workflow_dispatch:
 
+permissions:  # added using https://github.com/step-security/secure-workflows
+  contents: read
+
 jobs:
   test:
     strategy: