Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Comment on lines
+18
to
+43
| runs-on: ubuntu-latest | ||
| defaults: | ||
| run: | ||
| working-directory: ./eth2near | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
|
|
||
| - name: Set up Rust | ||
| uses: dtolnay/rust-toolchain@stable | ||
| with: | ||
| toolchain: 1.86.0 | ||
| components: clippy, rustfmt | ||
| target: wasm32-unknown-unknown | ||
|
|
||
| - name: Cache Rust dependencies | ||
| uses: Swatinem/rust-cache@v2 | ||
| with: | ||
| workspaces: | | ||
| ./eth2near | ||
| cache-on-failure: true | ||
| cache-all-crates: true | ||
|
|
||
| - name: Run linters | ||
| run: cargo clippy --all-targets --all-features -- -D warnings -D clippy::all | ||
| - name: Check formatting | ||
| run: cargo fmt --all -- --check No newline at end of file |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 11 months ago
To fix the issue, we will add a permissions block at the root level of the workflow file. This block will explicitly set the permissions to contents: read, which is sufficient for the linting job since it only needs to read the repository's contents. This change ensures that the workflow adheres to the principle of least privilege and avoids granting unnecessary permissions.
Suggested changeset
1
.github/workflows/rust_lint.yml
| @@ -12,2 +12,5 @@ | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| env: |
Copilot is powered by AI and may make mistakes. Always verify output.
* Use BLS host functions * Update depenedencies * Switch BLS signature verification to use native host functions * Update near-sdk dependency and add BLS imports for eth2-client * Update near-sdk dependency to use git source with legacy and unit-testing features * Add near-sdk dependency with legacy and unit-testing features * Fix type conversion of tree_hash_root in compute_signing_root function * Update error message in eth2-client test panic assertions * Update near-sdk dependency to use bls-pairing-check branch * Update error messages in eth2-client unit tests for block hash validation * Update test panic message and remove unused data log file * Add Sepolia test data and integration tests for eth2-client contract * Add fixtures * Normalize block data * save * save * another save * Cleanup * More cleanup * streaming json * batching * save * hex it and change the block number source * update blocks * Add extra fields * Update blocks * save * hashing script * update script and light client data * Use uv * save new light client data * minor cleanup * restore test code * Fix sepolia integration test * More fixes * Cleanup * Revert this change too * Newline * Fix merge conflicts
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.