secure-repo icon indicating copy to clipboard operation
secure-repo copied to clipboard

Published 20 hours ago verified publisher icon step-security

[KB] Add KB for samspills/assign-pr-to-author

Open step-security-bot opened this issue 3 years ago • 2 comments

Knowledge Base is missing for samspills/assign-pr-to-author.

step-security-bot avatar Jul 24 '22 20:07 step-security-bot

Analysis

Action Name: samspills/assign-pr-to-author
Action Type: Node
GITHUB_TOKEN Matches: repo-token,GITHUB_TOKEN,Token
Top language: JavaScript
Stars: 14
Private: false
Forks: 2

Endpoints Found

Endpoint Permission
issues.update write

FollowUp Links.

https://github.com/samspills/assign-pr-to-author/blob/223a87a821f7e7447cfb5221bc53ceeb633341c2/lib/main.js

action-security.yml

name: 'Assign PR to Author'
github-token:
  action-input:
    input: repo-token
    is-default: false
  permissions:
    issues: write

step-security-bot avatar Jul 24 '22 20:07 step-security-bot

I tried using this Action with permissions issues: write and it failed. (I'm assuming that's what the bot means above)

irongut avatar Jul 25 '22 14:07 irongut