luo980/curl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
e2aed00430
curl/.github/workflows/reuse.yml
Diogo Teles Sant'Anna a2f5a4ca6f
GHA: clarify workflows permissions, set least possible privilege 
Set top-level permissions to None on all workflows, setting per-job
permissions. This avoids that new jobs inherit unwanted permissions.

Discussion: https://curl.se/mail/lib-2022-11/0028.html

Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>

Closes #9928
2022-12-02 23:13:54 +01:00

30 lines
609 B
YAML
Raw Blame History

# Copyright (C) 2000 - 2022 Daniel Stenberg, <daniel@haxx.se>, et al.
# SPDX-FileCopyrightText: 2022 Free Software Foundation Europe e.V. <https://fsfe.org>
#
# SPDX-License-Identifier: curl
name: REUSE compliance
on:
push:
branches:
- master
- '*/ci'
pull_request:
branches:
- master
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
cancel-in-progress: true
permissions: {}
jobs:
check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: REUSE Compliance Check
uses: fsfe/reuse-action@v1
Reference in New Issue View Git Blame Copy Permalink