actions/commitlint-github-action
5
0
Fork 0
mirror of https://github.com/wagoid/commitlint-github-action.git synced 2025-11-08 00:16:56 +00:00
Code Activity Actions

Restrict permissions for the GITHUB_TOKEN in .github/workflows/ci.yml

Browse source
This commit is contained in:
Step Security 2021-09-08 22:18:16 +00:00
parent 59203cb6ee
commit 48d3401071
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.github/workflows/ci.yml vendored
View file

@ -3,6 +3,8 @@ on: [push]
jobs: jobs:
sanity-checks: sanity-checks:
permissions:
contents: read
name: Sanity Checks name: Sanity Checks
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
@ -22,6 +24,8 @@ jobs:
- run: npm run lint - run: npm run lint
- run: npm test -- --ci --coverage - run: npm test -- --ci --coverage
release: release:
permissions:
contents: write
needs: sanity-checks needs: sanity-checks
runs-on: ubuntu-latest runs-on: ubuntu-latest
if: "github.ref == 'refs/heads/master' && !contains(toJSON(github.event.commits.*.message), '[skip-ci]')" if: "github.ref == 'refs/heads/master' && !contains(toJSON(github.event.commits.*.message), '[skip-ci]')"