Skip to content

Commit 5cf1805

Browse files
hinanoharthinanohart
authored
ci: concurrency + permissions + SHA-pin hardening (#28)
* ci: add concurrency block to publish.yml * ci: add minimum permissions to test.yml
1 parent 58dcf69 commit 5cf1805

2 files changed

Lines changed: 7 additions & 0 deletions

File tree

.github/workflows/publish.yml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,10 @@ on:
2121
required: false
2222
default: ""
2323

24+
concurrency:
25+
group: publish-${{ github.ref }}
26+
cancel-in-progress: false
27+
2428
permissions:
2529
contents: read
2630

.github/workflows/test.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,9 @@ on:
55
branches: [main]
66
pull_request:
77

8+
permissions:
9+
contents: read
10+
811
jobs:
912
test:
1013
runs-on: ${{ matrix.os }}

0 commit comments

Comments
 (0)