schedule:
- cron: '0 22 * * 3'
+permissions: # least privileges, see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
+ contents: read
+
jobs:
build-recursor:
name: build recursor
- 'NO'
- 'YES'
+permissions: # least privileges, see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
+ contents: read
+
jobs:
prepare:
name: generate OS list
schedule:
- cron: '0 1 * * *'
+permissions: # least privileges, see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
+ contents: read
+
jobs:
build:
name: build.sh
schedule:
- cron: '0 22 * * 2'
+permissions: # least privileges, see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
+ contents: read
+
jobs:
analyze:
name: Analyze
runs-on: ubuntu-20.04
+ permissions:
+ actions: read # for github/codeql-action/init to get workflow details
+ contents: read # for actions/checkout to fetch code
+ security-events: write # for github/codeql-action/analyze to upload SARIF results
+
strategy:
fail-fast: false
matrix:
schedule:
- cron: '0 4 * * *'
+permissions: # least privileges, see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
+ contents: read
+
jobs:
build:
name: docker build
push:
pull_request:
+permissions: # least privileges, see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
+ contents: read
+
jobs:
build:
name: verify formatting and Makefile.am sort order
name: CIFuzz
on: [pull_request]
+
+permissions: # least privileges, see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
+ contents: read
+
jobs:
Fuzzing:
runs-on: ubuntu-20.04