docs
docs copied to clipboard
github
Clarify Permissions Calculation for Workflow Jobs in Documentation
Why:
Closes: Issue #32398
What's being changed (if available, include any code snippets, screenshots, or gifs):
The documentation for "Automatic Token Authentication" is updated to clarify that the read-only adjustment applies to all pull request-related events triggered on a fork PR except for the pull_request_target event.
Updated Section:
Finally, if the workflow was triggered by a pull request from a forked repository, and the Send write tokens to workflows from pull requests setting is not selected, the permissions are adjusted to change any write permissions to read-only, except for the
pull_request_targetevent. This applies to all pull request-related events, includingpull_request_review.
Check off the following:
- [x] I have reviewed my changes in staging, available via the View deployment link in this PR's timeline (this link will be available after opening the PR).
- For content changes, you will also see an automatically generated comment with links directly to pages you've modified. The comment won't appear if your PR only edits files in the
datadirectory.
- For content changes, you will also see an automatically generated comment with links directly to pages you've modified. The comment won't appear if your PR only edits files in the
- [x] For content changes, I have completed the self-review checklist.
Thanks for opening this pull request! A GitHub docs team member should be by to give feedback soon. In the meantime, please check out the contributing guidelines.
![welcome[bot] avatar](https://avatars.githubusercontent.com/in/4141?v=4 "Published by a pub.dev verified publisher"){kind=small}
Automatically generated comment ℹ️
This comment is automatically generated and will be overwritten every time changes are committed to this branch.
The table contains an overview of files in the content directory that have been changed in this pull request. It's provided to make it easy to review your changes on the staging site. Please note that changes to the data directory will not show up in this table.
Content directory changes
You may find it useful to copy this table into the pull request summary. There you can edit it to share links to important articles or changes and to give a high-level overview of how the changes in your pull request support the overall goals of the pull request.
| Source | Preview | Production | What Changed |
|---|---|---|---|
actions/security-guides/automatic-token-authentication.md |
fpt ghec ghes@ 3.13 3.12 3.11 3.10 3.9 |
fpt ghec ghes@ 3.13 3.12 3.11 3.10 3.9 |
fpt: Free, Pro, Team ghec: GitHub Enterprise Cloud ghes: GitHub Enterprise Server
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
@Vikranth3140 Thanks so much for opening a PR! I'll get this triaged for review ✨
