actions/commitlint-github-action
5
0
Fork 0
mirror of https://github.com/wagoid/commitlint-github-action.git synced 2025-11-07 08:06:54 +00:00
Code Activity Actions

ci: restrict permissions for the GITHUB_TOKEN in .github/workflows/ci.yml (#231)

Browse source 
Co-authored-by: Step Security <bot@stepsecurity.io>
This commit is contained in:
Varun Sharma 2021-09-11 03:51:34 -07:00 committed by GitHub
parent 59203cb6ee
commit 0e361e0644
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.github/workflows/ci.yml vendored
View file

@ -3,6 +3,8 @@ on: [push]
jobs:
sanity-checks:
permissions:
contents: read
name: Sanity Checks
runs-on: ubuntu-latest
steps:
@ -22,6 +24,8 @@ jobs:
- run: npm run lint
- run: npm test -- --ci --coverage
release:
permissions:
contents: write
needs: sanity-checks
runs-on: ubuntu-latest
if: "github.ref == 'refs/heads/master' && !contains(toJSON(github.event.commits.*.message), '[skip-ci]')"