ci: add minimum GitHub token permissions for workflows (#1792)
Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>
This commit is contained in:
Varun Sharma
GitHub
6
.github/workflows/labeler.yml
vendored
6
.github/workflows/labeler.yml
vendored
@ -2,8 +2,14 @@ name: "Pull Request Labeler"
|
||||
on:
|
||||
- pull_request_target
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
triage:
|
||||
permissions:
|
||||
contents: read # for actions/labeler to determine modified files
|
||||
pull-requests: write # for actions/labeler to add labels to PRs
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/labeler@v4
|
||||
|
||||
Reference in New Issue
Block a user