Skip to content

Restrict workflow permissions to read-only #155

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Restrict workflow permissions to read-only #155

wants to merge 1 commit into from

Conversation

@tautschnig
Copy link
Member

Description of changes:

Per CodeQL recommendation restrict permissions to read-only rather than the default of read-write.

Resolved issues:

Addresses security recommendations at https://github.com/model-checking/kani-vscode-extension/security/code-scanning.

Testing:

  • How is this change tested? CI runs

Checklist

  • Each commit message has a non-empty body, explaining why the change was made
  • n/a Methods or procedures are documented
  • Regression or unit tests are included, or existing tests cover the modified code
  • My PR is restricted to a single feature or bugfix

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 and MIT licenses.

@tautschnig
Restrict workflow permissions to read-only
2ad2774 
Per CodeQL recommendation restrict permissions to read-only rather than
the default of read-write.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@thanhnguyen-aws thanhnguyen-aws Awaiting requested review from thanhnguyen-aws

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@tautschnig