romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-04-14 22:11:45 +03:00
Code Issues Projects Releases Packages Wiki Activity

GHA: clarify workflows permissions, set least possible privilege

Browse source 
Set top-level permissions to None on all workflows, setting per-job
permissions. This avoids that new jobs inherit unwanted permissions.

Discussion: https://curl.se/mail/lib-2022-11/0028.html

Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>

Closes #9928
This commit is contained in:
Diogo Teles Sant'Anna 2022-11-16 11:55:33 -03:00 committed by Daniel Stenberg
parent 8fc2423338
commit a2f5a4ca6f
No known key found for this signature in database
GPG key ID: 5CC908FDB71E12C2
14 changed files with 33 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.github/workflows/torture.yml vendored
View file

@ -18,6 +18,8 @@ concurrency:
group: torture-${{ github.event.pull_request.number || github.sha }}
cancel-in-progress: true
permissions: {}
jobs:
autotools:
name: ${{ matrix.build.name }}