[StepSecurity] ci: Harden GitHub Actions · coveo/public-actions@1935fcf

Triggered via pull request March 22, 2024 20:23

JPLachance

synchronize #36

step-security-bot:stepsecurity_remediation_1710452002

Status Startup failure

Total duration –

Artifacts –

test-dependency-review.yml

on: pull_request

Matrix: test

Waiting for pending jobs

Annotations

1 error

Invalid workflow file: .github/workflows/test-dependency-review.yml#L10

The workflow is not valid. .github/workflows/test-dependency-review.yml (Line: 10, Col: 3): Error calling workflow 'coveo/public-actions/.github/workflows/dependency-review.yml@27dde3e8a4d4998a46495009aba49f421f820401'. The workflow is requesting 'contents: read', but is only allowed 'contents: none'. .github/workflows/test-dependency-review.yml (Line: 10, Col: 3): Error calling workflow 'coveo/public-actions/.github/workflows/dependency-review.yml@27dde3e8a4d4998a46495009aba49f421f820401'. The nested job 'dependency-review' is requesting 'contents: read', but is only allowed 'contents: none'.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[StepSecurity] ci: Harden GitHub Actions #57

Summary

[StepSecurity] ci: Harden GitHub Actions #57

Jobs

Run details

test-dependency-review.yml

Annotations