ci: declare explicit read-only workflow permissions
This commit is contained in:
parent
c34d6e81fd
commit
a191c86306
2 changed files with 8 additions and 0 deletions
4
.github/workflows/pre-commit.yaml
vendored
4
.github/workflows/pre-commit.yaml
vendored
|
|
@ -3,6 +3,10 @@ on:
|
||||||
pull_request:
|
pull_request:
|
||||||
push:
|
push:
|
||||||
branches: [main, stable]
|
branches: [main, stable]
|
||||||
|
|
||||||
|
permissions:
|
||||||
|
contents: read
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
main:
|
main:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|
|
||||||
4
.github/workflows/tests.yaml
vendored
4
.github/workflows/tests.yaml
vendored
|
|
@ -5,6 +5,10 @@ on:
|
||||||
push:
|
push:
|
||||||
branches: [main, stable]
|
branches: [main, stable]
|
||||||
paths-ignore: ['docs/**', 'README.md']
|
paths-ignore: ['docs/**', 'README.md']
|
||||||
|
|
||||||
|
permissions:
|
||||||
|
contents: read
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
tests:
|
tests:
|
||||||
name: ${{ matrix.name || matrix.python }}
|
name: ${{ matrix.name || matrix.python }}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue