Update 8hobbies/workflows digest to 71e7c31 #211
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| jobs: | ||
| lint: | ||
| uses: 8hobbies/workflows/.github/workflows/npm-lint.yml@77dcc391951a62ee0f1f076d6ef1bd3e5385eb42 | ||
| uses: 8hobbies/workflows/.github/workflows/npm-lint.yml@71e7c31d67cdf9e3f03cb62c72951f48215e4c82 |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 7 months ago
To fix the issue, we need to add a permissions block to the workflow file .github/workflows/lint.yml. This block should specify the least privileges required for the workflow to function correctly. Since this is a linting workflow, it likely only needs contents: read permission to access the repository's files for linting purposes.
The permissions block should be added at the root level of the workflow, ensuring it applies to all jobs, including the reusable workflow.
| @@ -16,2 +16,5 @@ | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| on: |
| jobs: | ||
| run: | ||
| uses: 8hobbies/workflows/.github/workflows/npm-publish-dry-run.yml@77dcc391951a62ee0f1f076d6ef1bd3e5385eb42 | ||
| uses: 8hobbies/workflows/.github/workflows/npm-publish-dry-run.yml@71e7c31d67cdf9e3f03cb62c72951f48215e4c82 |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 7 months ago
To fix the issue, we need to add a permissions block to the workflow. This block should specify the least privileges required for the workflow to function correctly. Since the workflow uses a reusable workflow (npm-publish-dry-run.yml), we should consult its documentation or analyze its functionality to determine the required permissions. If no specific permissions are documented, a safe starting point is to set contents: read, which is sufficient for most basic CI workflows.
The permissions block should be added at the root level of the workflow, ensuring it applies to all jobs unless overridden.
| @@ -16,2 +16,5 @@ | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| on: |
| jobs: | ||
| test: | ||
| uses: 8hobbies/workflows/.github/workflows/npm-runtime.yml@77dcc391951a62ee0f1f076d6ef1bd3e5385eb42 | ||
| uses: 8hobbies/workflows/.github/workflows/npm-runtime.yml@71e7c31d67cdf9e3f03cb62c72951f48215e4c82 |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 7 months ago
To fix the issue, we will add a permissions block at the root level of the workflow. This block will define the minimal permissions required for the workflow to function securely. Since the specific permissions required by the reusable workflow (npm-runtime.yml) are not provided, we will start with the most restrictive permissions (contents: read) and adjust them if necessary based on the workflow's functionality.
| @@ -16,2 +16,5 @@ | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| on: |
This PR contains the following updates:
77dcc39->71e7c31Configuration
📅 Schedule: Branch creation - "on Sunday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.