nim-libp2p icon indicating copy to clipboard operation
nim-libp2p copied to clipboard

Published 20 hours ago verified publisher icon vacp2p

Bumper jobs failing

Open yakimant opened this issue 6 months ago • 12 comments

Started to fail after Tanguy left. After getting access to the repo Settings @diegomrsantos and I discovered the probably personal token was used for ACTIONS_GITHUB_TOKEN.

Token is setup here: https://github.com/status-im/nim-libp2p/settings/secrets/actions

See action code: https://github.com/status-im/nim-libp2p/blob/d2c98bd87d540ec2f2d1a7c244b60386dfda66d3/.github/workflows/bumper.yml#L28

Actions & security docs:

  • https://docs.github.com/en/actions/security-guides
  • https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
  • https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens
  • https://github.com/actions/checkout

yakimant avatar Dec 18 '23 14:12 yakimant