react-native-image-picker icon indicating copy to clipboard operation
react-native-image-picker copied to clipboard
verified publisher icon react-native-image-picker

fix(ci): restrict permissions in ci workflow

Open gcanlin opened this issue 6 months ago • 0 comments

Thanks for submitting a PR! Please read these instructions carefully:

  • [x] Explain the motivation for making this change.
  • [x] Provide a test plan demonstrating that the code is solid.
  • [x] Match the code formatting of the rest of the codebase.
  • [x] Target the main branch, NOT a "stable" branch.

Motivation (required)

This change sets the contents: read permission in the GitHub Actions workflow file. By explicitly declaring this permission, the workflow aligns with GitHub's least-privilege principle and security best practices. It ensures that the CI pipeline only has read access to the repository contents, which is sufficient for most use cases and reduces the risk of accidental write access.

Test Plan (required)

  • Verified that the GitHub Actions workflow still runs successfully after setting permissions: contents: read.
  • No functional change was introduced to the workflow logic.

gcanlin avatar Jul 03 '25 02:07 gcanlin