Skip to content

Commit

Permalink
Updates the permissions block to be minimal
Browse files Browse the repository at this point in the history
 And adds a permissions block to the README.
  • Loading branch information
aeisenberg committed Aug 9, 2021
1 parent 9e304b9 commit 2175328
Show file tree
Hide file tree
Showing 3 changed files with 9 additions and 5 deletions.
4 changes: 0 additions & 4 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,8 +17,6 @@ jobs:
versions: ${{ steps.compare.outputs.versions }}

permissions:
actions: read
contents: read
security-events: write

steps:
Expand Down Expand Up @@ -68,8 +66,6 @@ jobs:
runs-on: ${{ matrix.os }}

permissions:
actions: read
contents: read
security-events: write

steps:
Expand Down
2 changes: 1 addition & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

## [UNRELEASED]

No user facing changes.
- Update README to include a sample permissions block. [#689](https://github.com/github/codeql-action/pull/689)

## 1.0.10 - 03 Aug 2021

Expand Down
8 changes: 8 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,14 @@ jobs:
# CodeQL runs on ubuntu-latest, windows-latest, and macos-latest
runs-on: ubuntu-latest

permissions:
# required for all workflows
security-events: write

# only required for workflows in private repositories
actions: read
contents: read

steps:
- name: Checkout repository
uses: actions/checkout@v2
Expand Down

0 comments on commit 2175328

Please sign in to comment.