From 293f3bcc54535a50fc9fdc4f2839059ab6e15c0e Mon Sep 17 00:00:00 2001 From: ejurgensen Date: Wed, 12 Nov 2025 22:55:44 +0100 Subject: [PATCH] [gh-actions] Add permissions to workflows as suggested by Github --- .github/workflows/build_htdocs.yml | 2 ++ .github/workflows/codeql-analysis.yml | 2 ++ .github/workflows/freebsd.yml | 2 ++ .github/workflows/gh-pages.yml | 2 ++ .github/workflows/macos.yml | 2 ++ .github/workflows/macos_12.yml | 2 ++ .github/workflows/ubuntu.yml | 2 ++ .github/workflows/webui_lint.yml | 2 ++ 8 files changed, 16 insertions(+) diff --git a/.github/workflows/build_htdocs.yml b/.github/workflows/build_htdocs.yml index da921442..f6bbb3e8 100644 --- a/.github/workflows/build_htdocs.yml +++ b/.github/workflows/build_htdocs.yml @@ -1,4 +1,6 @@ name: Build htdocs +permissions: + contents: write on: push: diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 299dffbb..81dcc0a3 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -1,4 +1,6 @@ name: "CodeQL" +permissions: + contents: read on: push: diff --git a/.github/workflows/freebsd.yml b/.github/workflows/freebsd.yml index f20ec137..3f322d30 100644 --- a/.github/workflows/freebsd.yml +++ b/.github/workflows/freebsd.yml @@ -1,4 +1,6 @@ name: FreeBSD +permissions: + contents: read on: push: diff --git a/.github/workflows/gh-pages.yml b/.github/workflows/gh-pages.yml index 0503ed10..cb1d7aa0 100644 --- a/.github/workflows/gh-pages.yml +++ b/.github/workflows/gh-pages.yml @@ -1,4 +1,6 @@ name: build and deploy mkdocs to github pages +permissions: + contents: write on: push: branches: diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 47c4223e..b0236a76 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -1,4 +1,6 @@ name: macOS +permissions: + contents: read on: push: diff --git a/.github/workflows/macos_12.yml b/.github/workflows/macos_12.yml index d96c51c7..894d4fe2 100644 --- a/.github/workflows/macos_12.yml +++ b/.github/workflows/macos_12.yml @@ -1,4 +1,6 @@ name: macOS 12 +permissions: + contents: read on: workflow_dispatch: diff --git a/.github/workflows/ubuntu.yml b/.github/workflows/ubuntu.yml index ddb71bc9..a19314d4 100644 --- a/.github/workflows/ubuntu.yml +++ b/.github/workflows/ubuntu.yml @@ -1,4 +1,6 @@ name: Ubuntu +permissions: + contents: read on: push: diff --git a/.github/workflows/webui_lint.yml b/.github/workflows/webui_lint.yml index 0ede2bb0..1d65c434 100644 --- a/.github/workflows/webui_lint.yml +++ b/.github/workflows/webui_lint.yml @@ -1,4 +1,6 @@ name: Web UI Lint +permissions: + contents: read on: push: