secure-repo icon indicating copy to clipboard operation
secure-repo copied to clipboard

Published 20 hours ago verified publisher icon step-security

[KB] Add GitHub token permissions for 8BitJonny/gh-get-current-pr Action

Open step-security-bot opened this issue 2 years ago • 2 comments

Knowledge Base is missing for 8BitJonny/gh-get-current-pr.

step-security-bot avatar Oct 11 '22 04:10 step-security-bot

Analysis

Action Name: 8BitJonny/gh-get-current-pr
Action Type: Node
GITHUB_TOKEN Matches: token,github-token
Top language: TypeScript
Stars: 54
Private: false
Forks: 19

Endpoints Found

Endpoint Permission

FollowUp Links.

https://github.com/8BitJonny/gh-get-current-pr/blob/4e0fdd834a5f2713d0b4f03e3277521a540dcf75/src/io/get-inputs.ts https://github.com/8BitJonny/gh-get-current-pr/blob/4e0fdd834a5f2713d0b4f03e3277521a540dcf75/src/main.ts

action-security.yml

name: Get Current Pull Request
github-token:
  action-input:
    input: token
    is-default: true
  permissions:

step-security-bot avatar Oct 11 '22 04:10 step-security-bot

I have taken this issue

sph4674 avatar Oct 11 '22 10:10 sph4674