[lxc/lxc] fe3add: chore: Set permissions for GitHub actions
0 views
Skip to first unread message
Stéphane Graber
Jun 8, 2022, 1:27:17 AMJun 8
to lxc-...@lists.linuxcontainers.org
Branch: refs/heads/master
Home: https://github.com/lxc/lxc
Commit: fe3add2ab8fb87fc21dd540fc574e03765dd1986
https://github.com/lxc/lxc/commit/fe3add2ab8fb87fc21dd540fc574e03765dd1986
Author: neilnaveen <42328488+...@users.noreply.github.com>
Date: 2022-06-08 (Wed, 08 Jun 2022)
Changed paths:
M .github/workflows/build.yml
M .github/workflows/coverity.yml
M .github/workflows/sanitizers.yml
M .github/workflows/static-analysis.yml
Log Message:
-----------
chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
Signed-off-by: neilnaveen <42328488+...@users.noreply.github.com>
Commit: bb97e07995201cda59fb64312a225cd21305f0f0
https://github.com/lxc/lxc/commit/bb97e07995201cda59fb64312a225cd21305f0f0
Author: Stéphane Graber <stgr...@ubuntu.com>
Date: 2022-06-08 (Wed, 08 Jun 2022)
Changed paths:
M .github/workflows/build.yml
M .github/workflows/coverity.yml
M .github/workflows/sanitizers.yml
M .github/workflows/static-analysis.yml
Log Message:
-----------
Merge pull request #4136 from turrisxyz/Pinned-Dependencies-GitHub
chore: Set permissions for GitHub actions
Compare: https://github.com/lxc/lxc/compare/099bd13ce594...bb97e0799520
Home: https://github.com/lxc/lxc
Commit: fe3add2ab8fb87fc21dd540fc574e03765dd1986
https://github.com/lxc/lxc/commit/fe3add2ab8fb87fc21dd540fc574e03765dd1986
Author: neilnaveen <42328488+...@users.noreply.github.com>
Date: 2022-06-08 (Wed, 08 Jun 2022)
Changed paths:
M .github/workflows/build.yml
M .github/workflows/coverity.yml
M .github/workflows/sanitizers.yml
M .github/workflows/static-analysis.yml
Log Message:
-----------
chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
Signed-off-by: neilnaveen <42328488+...@users.noreply.github.com>
Commit: bb97e07995201cda59fb64312a225cd21305f0f0
https://github.com/lxc/lxc/commit/bb97e07995201cda59fb64312a225cd21305f0f0
Author: Stéphane Graber <stgr...@ubuntu.com>
Date: 2022-06-08 (Wed, 08 Jun 2022)
Changed paths:
M .github/workflows/build.yml
M .github/workflows/coverity.yml
M .github/workflows/sanitizers.yml
M .github/workflows/static-analysis.yml
Log Message:
-----------
Merge pull request #4136 from turrisxyz/Pinned-Dependencies-GitHub
chore: Set permissions for GitHub actions
Compare: https://github.com/lxc/lxc/compare/099bd13ce594...bb97e0799520
Reply all
Reply to author
Forward
0 new messages