Update 8hobbies/workflows digest to 3a70e39 #216
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| jobs: | ||
| lint: | ||
| uses: 8hobbies/workflows/.github/workflows/npm-lint.yml@a59ef2fc12c42dbd69f1afd8502e163a9f5aabe2 | ||
| uses: 8hobbies/workflows/.github/workflows/npm-lint.yml@3a70e39b3b81c360c7e1bd1794c9834ef5650489 |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 7 months ago
To fix the issue, add a permissions block at the root level of the workflow. This block will apply to all jobs in the workflow unless overridden by job-specific permissions. Since the workflow is for linting, it likely only requires read access to the repository contents. The permissions block should explicitly set contents: read to limit access.
| @@ -16,2 +16,5 @@ | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| on: |
| jobs: | ||
| run: | ||
| uses: 8hobbies/workflows/.github/workflows/npm-publish-dry-run.yml@a59ef2fc12c42dbd69f1afd8502e163a9f5aabe2 | ||
| uses: 8hobbies/workflows/.github/workflows/npm-publish-dry-run.yml@3a70e39b3b81c360c7e1bd1794c9834ef5650489 |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 7 months ago
To fix the issue, we will add a permissions block at the root of the workflow file. This block will define the least privileges required for the workflow to function. Since the workflow appears to involve a dry run of publishing (based on its name), it likely requires contents: read to access the repository's code and possibly no write permissions. If additional permissions are required, they can be added explicitly.
| @@ -16,2 +16,5 @@ | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| on: |
| jobs: | ||
| test: | ||
| uses: 8hobbies/workflows/.github/workflows/npm-runtime.yml@a59ef2fc12c42dbd69f1afd8502e163a9f5aabe2 | ||
| uses: 8hobbies/workflows/.github/workflows/npm-runtime.yml@3a70e39b3b81c360c7e1bd1794c9834ef5650489 |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 7 months ago
To fix the issue, add a permissions block to the root of the workflow file. This block will explicitly define the permissions required for the workflow, ensuring that the GITHUB_TOKEN has the least privileges necessary. Since the workflow uses a reusable workflow, the permissions should be set to contents: read as a minimal starting point, unless additional permissions are required for the reusable workflow to function correctly.
| @@ -16,2 +16,5 @@ | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| on: |
This PR contains the following updates:
a59ef2f->3a70e39Configuration
📅 Schedule: Branch creation - "on Sunday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.