]> git.ipfire.org Git - thirdparty/Python/cpython.git/commitdiff
projects / thirdparty / Python / cpython.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7f83592)
ci: add GitHub token permissions (#92999)
authorVarun Sharma <varunsh@stepsecurity.io>
Sat, 21 May 2022 07:55:21 +0000 (00:55 -0700)
committerGitHub <noreply@github.com>
Sat, 21 May 2022 07:55:21 +0000 (03:55 -0400)
.github/workflows/build.yml patch | blob | blame | history
.github/workflows/build_msi.yml patch | blob | blame | history
.github/workflows/doc.yml patch | blob | blame | history
.github/workflows/new-bugs-announce-notifier.yml patch | blob | blame | history

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index e04633b711f2f0387fc020ef1bfa219807fb8e85..d800442ad07e36ff3e99f5d8dc1d51ca83dae77b 100644 (file)
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -22,6 +22,9 @@ on:
     - '3.8'
     - '3.7'
 
+permissions:
+  contents: read
+
 jobs:
   check_source:
     name: 'Check for source changes'
diff --git a/.github/workflows/build_msi.yml b/.github/workflows/build_msi.yml
index ec18735e9b9fa6e86a83d96ba7fbe625ef07460f..6044ae0f7c29b404f7a2aec5f7591b724022fef4 100644 (file)
--- a/.github/workflows/build_msi.yml
+++ b/.github/workflows/build_msi.yml
@@ -23,6 +23,9 @@ on:
     paths:
     - 'Tools/msi/**'
 
+permissions:
+  contents: read
+
 jobs:
   build_win32:
     name: 'Windows (x86) Installer'
diff --git a/.github/workflows/doc.yml b/.github/workflows/doc.yml
index 8c4a03489612661aca8967cfd7f48f239135096e..9cd251648cdeaf096f410cfc784775f4bfb9be14 100644 (file)
--- a/.github/workflows/doc.yml
+++ b/.github/workflows/doc.yml
@@ -24,6 +24,9 @@ on:
     - 'Doc/**'
     - 'Misc/**'
 
+permissions:
+  contents: read
+
 jobs:
   build_doc:
     name: 'Docs'
diff --git a/.github/workflows/new-bugs-announce-notifier.yml b/.github/workflows/new-bugs-announce-notifier.yml
index 8cd834419f00bfcb517889b799510594464b50e1..b2b63472d8342186111da6aa6e44d9f115fe3baa 100644 (file)
--- a/.github/workflows/new-bugs-announce-notifier.yml
+++ b/.github/workflows/new-bugs-announce-notifier.yml
@@ -5,6 +5,9 @@ on:
     types:
       - opened
 
+permissions:
+  issues: read
+
 jobs:
   notify-new-bugs-announce:
     runs-on: ubuntu-latest
@@ -39,7 +42,7 @@ jobs:
                 assignee : issue.data.assignees.map(assignee => { return assignee.login }),
                 body   : issue.data.body
               };
-            
+
               const data = {
                 from: "CPython Issues <github@mg.python.org>",
                 to: "new-bugs-announce@python.org",
Mirror of https://github.com/python/cpython.git