kubernetes-sigs/kustomize
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kustomize.git synced 2026-05-17 18:25:26 +00:00
Code Issues Packages Projects Releases 1 Wiki Activity

Add permissions to GitHub actions

Browse Source 
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

Setting token permissions to read-only follows the principle of least privilege. This is important because attackers may use a compromised token with write access to push malicious code into the project.

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
This commit is contained in:
Naveen
2022-04-01 16:34:21 -05:00
committed by GitHub
parent 28ee975948
commit c743f13d0d
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.github/workflows/go.yml vendored
View File

@@ -6,6 +6,9 @@ on:
pull_request:
branches: [ master ]
permissions:
contents: read
jobs:
lint: