gmt
gmt copied to clipboard
Published
20 hours ago β’
GenericMappingTools
GenericMappingTools
chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they wonβt be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
Signed-off-by: naveen [email protected]
π Thanks for opening this pull request! π
Please make sure you read our Contributing Guide and abide by our Code of Conduct.
A few things to keep in mind:
- If you need help writing tests, take a look at the existing ones for inspiration. If you don't know where to start, let us know and we'll walk you through it.
- All new features should be documented. It helps to write the comments below for your functions describing the it, all arguments, and return types before writing the code. This will help you think about your code design and results in better code.
- We are grateful that you put in the effort to do this! π
![welcome[bot] avatar](https://avatars.githubusercontent.com/in/4141?v=4 "Published by a pub.dev verified publisher"){kind=small}
