Skip to content

Commit

Permalink
GitHub Actions: Reduce permissions to guard against malicious 3rd par…
Browse files Browse the repository at this point in the history 
…ty actions
  • Loading branch information
@bkoelman
bkoelman committed Sep 17, 2023
1 parent 93c082c commit f55da1f
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions .github/workflows/build.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,8 @@ jobs:
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
runs-on: ${{ matrix.os }}
permissions:
contents: read
steps:
- name: Setup PostgreSQL
uses: ikalnytskyi/action-setup-postgres@v4
Expand Down Expand Up @@ -152,6 +154,8 @@ jobs:
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
runs-on: ${{ matrix.os }}
permissions:
contents: read
steps:
- name: Git checkout
uses: actions/checkout@v3
Expand Down Expand Up @@ -201,6 +205,8 @@ jobs:
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
runs-on: ${{ matrix.os }}
permissions:
contents: read
steps:
- name: Git checkout
uses: actions/checkout@v3
Expand Down

0 comments on commit f55da1f

Please sign in to comment.