[actions] restrict permissions for GITHUB_TOKEN

2025-09-11 09:09:07 +00:00 · 2021-09-10 06:09:45 +00:00
parent 2dad0455ec
commit 59532c74c6
8 changed files with 32 additions and 0 deletions
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -4,6 +4,8 @@ on: [pull_request, push]

 jobs:
  eclint:
+    permissions:
+      contents: read
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
@@ -14,6 +16,8 @@ jobs:
      - run: npm run eclint

  dockerfile_lint:
+    permissions:
+      contents: read
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
@@ -24,6 +28,8 @@ jobs:
      - run: npm run dockerfile_lint

  doctoc:
+    permissions:
+      contents: read
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
@@ -34,6 +40,8 @@ jobs:
      - run: npm run doctoc:check

  test_naming:
+    permissions:
+      contents: read
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2