Skip to content

Fix/workflow perms #116

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Sep 11, 2025
Merged

Fix/workflow perms #116

merged 5 commits into from
Sep 11, 2025

Conversation

jeffpaul
Copy link
Member

Description of the Change

This pull request updates the GitHub Actions workflow files to explicitly set permissions for improved security and consistency. The main change is the addition of the permissions field with contents: read to several workflow files.

GitHub Actions security and configuration:

  • Added permissions: contents: read to .github/workflows/build-release-zip.yml to specify minimal required permissions for the workflow.
  • Added permissions: contents: read to .github/workflows/plugin-check.yml for enhanced security and clarity.
  • Added permissions: contents: read to .github/workflows/spell-checker.yml to restrict workflow permissions.

General workflow improvements:

  • Added a missing newline after the name field in .github/workflows/spell-checker.yml for formatting consistency.

How to test the Change

Changelog Entry

Developer - Updated GitHub Action workflows to include proper permissions scoping.

Credits

Props @jeffpaul.

Checklist:

jeffpaul and others added 4 commits September 11, 2025 08:28
@jeffpaul @github-advanced-security
Potential fix for code scanning alert no. 6: Workflow does not contai…
d2eb56c 
…n permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@jeffpaul @github-advanced-security
Potential fix for code scanning alert no. 7: Workflow does not contai…
ddc49e3 
…n permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@jeffpaul @github-advanced-security
Potential fix for code scanning alert no. 8: Workflow does not contai…
463038c 
…n permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@jeffpaul
update location of setting permissions in workflow files
787e7a9
@jeffpaul jeffpaul added this to the 1.7.0 milestone Sep 11, 2025
@jeffpaul jeffpaul requested a review from s3rgiosan September 11, 2025 13:32
@jeffpaul jeffpaul self-assigned this Sep 11, 2025
@jeffpaul jeffpaul added the needs:code-review This requires code review. label Sep 11, 2025
@s3rgiosan
Update plugin-check.yml
080ab78 
Removed empty spaces
@jeffpaul jeffpaul merged commit c5c8160 into develop Sep 11, 2025
7 of 8 checks passed
@jeffpaul jeffpaul deleted the fix/workflow-perms branch September 11, 2025 15:57
@github-project-automation github-project-automation bot moved this from QA Testing to Done in Open Source Practice Sep 11, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@s3rgiosan s3rgiosan s3rgiosan approved these changes

Assignees

@jeffpaul jeffpaul

Labels

needs:code-review This requires code review.

Projects

Open Source Practice
Archived in project

Milestone

1.7.0

Development

Successfully merging this pull request may close these issues.

2 participants

@jeffpaul @s3rgiosan