luo980/yaml-cpp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

CI: define read-only permission for GitHub Workflow

Browse Source 
It secures the repo against erroneous or malicious actions from external jobs you call from your workflow. It's specially important for the case they get compromised, for example.
This commit is contained in:
Diogo Teles Sant'Anna 2023-03-02 12:25:43 -03:00 committed by GitHub
parent bdc5582b35
commit 8ba7d280a9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.github/workflows/build.yml vendored
View File

@ -5,6 +5,7 @@ on:
pull_request:
branches: [ master ]
workflow_dispatch:
permissions: read-all
jobs:
cmake-build:
strategy: