Skip to content

[Actions] Add permissions to all workflows #51

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 20, 2025
Merged

[Actions] Add permissions to all workflows #51

merged 2 commits into from
Oct 20, 2025

Conversation

@VeithMetro
Copy link
Contributor

@VeithMetro VeithMetro commented Oct 15, 2025

This is a fix for this code scanning alert

Copilot AI review requested due to automatic review settings October 15, 2025 13:11
Copilot AI reviewed Oct 15, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds explicit permissions to GitHub workflow files to address a security code scanning alert. The change restricts workflow permissions to read-only access to repository contents, following security best practices for GitHub Actions.

Key changes:

  • Added explicit permissions configuration to all workflow files
  • Set contents: read permission to limit workflow access to repository contents

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File Description
.github/workflows/Linux build template.yml Added read-only contents permission to template workflow
.github/workflows/Build ThunderLibraries on Linux.yml Added read-only contents permission to build workflow

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

@pwielders pwielders merged commit bd8dda6 into main Oct 20, 2025
18 checks passed
@pwielders pwielders deleted the developmen/actions-premissions branch October 20, 2025 07:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@VeithMetro @pwielders