secure-repo icon indicating copy to clipboard operation
secure-repo copied to clipboard

Published 20 hours ago verified publisher icon step-security

[KB] Add GitHub token permissions for sasanquaneuf/mypy-github-action Action

Open step-security-bot opened this issue 3 years ago • 2 comments

Knowledge Base is missing for sasanquaneuf/mypy-github-action.

step-security-bot avatar Oct 07 '22 08:10 step-security-bot

Analysis

Action Name: sasanquaneuf/mypy-github-action
Action Type: Node
GITHUB_TOKEN Matches: GITHUB_TOKEN
Top language: TypeScript
Stars: 6
Private: false
Forks: 1

Endpoints Found

Endpoint Permission
checks.listForRef read
checks.update write

FollowUp Links.

https://github.com/sasanquaneuf/mypy-github-action/blob/8908b8f82282257ad047399601892ba0f91afd9a/src/main.ts

action-security.yml

name: 'Mypy action'
github-token:
  environment-variable-name: <FigureOutYourself>
    is-default: false
  permissions:
    checks: write

step-security-bot avatar Oct 07 '22 08:10 step-security-bot

I have taken this issue

sph4674 avatar Oct 07 '22 09:10 sph4674