Skip to content

Commit

Permalink
fix: limit permissions for github workflows (#395)
Browse files Browse the repository at this point in the history 
* fix: limit permissions for github workflows

* fix: removed unnecessary actions read perm
  • Loading branch information
@zhongliang02
zhongliang02 authored Jan 9, 2025
1 parent 594f0ba commit 2f3cc3a
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 0 deletions.
3 changes: 3 additions & 0 deletions .github/workflows/chromatic.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,9 @@ on:
# List of jobs
jobs:
chromatic-deployment:
permissions:
contents: read
checks: write
# Operating System
runs-on: ubuntu-latest
env:
Expand Down
8 changes: 8 additions & 0 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,10 @@ on:
pull_request:
types: [opened, synchronize]

permissions:
contents: read
checks: write

jobs:
install:
name: Install dependencies
Expand Down Expand Up @@ -66,6 +70,10 @@ jobs:
- install
timeout-minutes: 15
runs-on: ubuntu-latest
permissions:
contents: read
actions: write
checks: write
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup
Expand Down

1 comment on commit 2f3cc3a

@vercel
Copy link

@vercel vercel bot commented on 2f3cc3a Jan 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Successfully deployed to the following URLs:

starter-kit – ./

starter-kit-ogp-tooling.vercel.app
ogp-starter-kit.vercel.app
starter-kit-git-main-ogp-tooling.vercel.app

Please sign in to comment.