secure-repo [KB] Add GitHub token permissions for actionsdesk/lfs-warning Action

[KB] Add GitHub token permissions for actionsdesk/lfs-warning Action

Open step-security-bot opened this issue 3 years ago • 1 comments

Knowledge Base is missing for actionsdesk/lfs-warning.

Sep 27 '22 18:09 step-security-bot

Analysis

Action Name: actionsdesk/lfs-warning
Action Type: Node
GITHUB_TOKEN Matches: token,Token,GITHUB_TOKEN
Top language: TypeScript
Stars: 19
Private: false
Forks: 14

Endpoints Found

Endpoint	Permission
pulls.listFiles	read
pulls.list	read
git.getBlob	read
issues.addLabels	write
issues.create	write
issues.createComment	write
issues.createLabel	write
issues.get	read
issues.getLabel	read
issues.list	read
issues.listLabelsOnIssue	read
issues.removeLabel	write

FollowUp Links.

https://github.com/ActionsDesk/lfs-warning/blob/7b08791c6402020118f498601c8782fc66295651/src/index.ts

action-security.yml

name: "LFS-warning"
github-token:
  action-input:
    input: token
    is-default: true
  permissions:
    pull-requests: read
    contents: read
    issues: write

Sep 27 '22 18:09 step-security-bot

secure-repo secure-repo copied to clipboard

[KB] Add GitHub token permissions for actionsdesk/lfs-warning Action

Analysis

Endpoints Found

FollowUp Links.

action-security.yml

secure-repo
secure-repo copied to clipboard