net 10 upgrade#79
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 5 months ago
To address the issue, add a permissions block at the root of the workflow (.github/workflows/createrelease.yml), directly under the workflow name. This block sets the permissions for the GITHUB_TOKEN used by all jobs that do not themselves declare a permissions key. Assign only the least privileges required. For artifact upload/download, only contents: read is needed. As no jobs push code or manipulate issues/pull requests, no elevated permissions are apparent.
Add the following lines to the top of the workflow file, immediately after the workflow name:
permissions:
contents: readNo imports, new methods, or definitions are needed, as this is a YAML config edit. The change should not affect any workflow functionality but will reduce the privileges granted to the GITHUB_TOKEN in the workflow runs.
| @@ -1,4 +1,6 @@ | ||
| name: Release | ||
| permissions: | ||
| contents: read | ||
|
|
||
| on: | ||
| release: |
2 participants
closes #77
closes #78