Skip to content

Restore skipped plugin test suites #365

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
arunshenoy99 wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Restore skipped plugin test suites #365

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
72 changes: 36 additions & 36 deletions .github/workflows/brand-plugin-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,42 +34,42 @@
plugin-branch: 'develop'
secrets: inherit

# hostgator:
# name: HostGator Build and Test
# needs: setup
# uses: newfold-labs/workflows/.github/workflows/module-plugin-test.yml@main
# with:
# module-repo: ${{ github.repository }}
# module-branch: ${{ needs.setup.outputs.branch }}
# plugin-repo: 'newfold-labs/wp-plugin-hostgator'
# secrets: inherit
hostgator:
name: HostGator Build and Test
needs: setup
uses: newfold-labs/workflows/.github/workflows/module-plugin-test.yml@main
with:
module-repo: ${{ github.repository }}
module-branch: ${{ needs.setup.outputs.branch }}
plugin-repo: 'newfold-labs/wp-plugin-hostgator'
secrets: inherit

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}
# web:
# name: Web.com Build and Test
# needs: setup
# uses: newfold-labs/workflows/.github/workflows/module-plugin-test.yml@main
# with:
# module-repo: ${{ github.repository }}
# module-branch: ${{ needs.setup.outputs.branch }}
# plugin-repo: 'newfold-labs/wp-plugin-web'
# secrets: inherit
web:
name: Web.com Build and Test
needs: setup
uses: newfold-labs/workflows/.github/workflows/module-plugin-test.yml@main
with:
module-repo: ${{ github.repository }}
module-branch: ${{ needs.setup.outputs.branch }}
plugin-repo: 'newfold-labs/wp-plugin-web'
secrets: inherit

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}
# crazydomains:
# name: Crazy Domains Build and Test
# needs: setup
# uses: newfold-labs/workflows/.github/workflows/module-plugin-test.yml@main
# with:
# module-repo: ${{ github.repository }}
# module-branch: ${{ needs.setup.outputs.branch }}
# plugin-repo: 'newfold-labs/wp-plugin-crazy-domains'
# secrets: inherit
crazydomains:
name: Crazy Domains Build and Test
needs: setup
uses: newfold-labs/workflows/.github/workflows/module-plugin-test.yml@main
with:
module-repo: ${{ github.repository }}
module-branch: ${{ needs.setup.outputs.branch }}
plugin-repo: 'newfold-labs/wp-plugin-crazy-domains'
secrets: inherit

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}
# mojo:
# name: Mojo Build and Test
# needs: setup
# uses: newfold-labs/workflows/.github/workflows/module-plugin-test.yml@main
# with:
# module-repo: ${{ github.repository }}
# module-branch: ${{ needs.setup.outputs.branch }}
# plugin-repo: 'newfold-labs/wp-plugin-mojo'
# secrets: inherit
mojo:
name: Mojo Build and Test
needs: setup
uses: newfold-labs/workflows/.github/workflows/module-plugin-test.yml@main
with:
module-repo: ${{ github.repository }}
module-branch: ${{ needs.setup.outputs.branch }}
plugin-repo: 'newfold-labs/wp-plugin-mojo'
Comment on lines +67 to +74

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}

Copilot Autofix

AI 2 months ago

To fix this problem, you should explicitly set the permissions key in your workflow YAML to restrict the permissions of the GITHUB_TOKEN. The safest and easiest way is to set the permissions key at the top level of the workflow file, just after the workflow name and before on:. This will apply the specified permissions to all jobs unless overridden by individual permissions keys under specific jobs. If all jobs (including setup) only require read-only access to repo contents and do not need to write or modify anything, you should use contents: read as the minimal permission. If future jobs require additional permissions, you can add those specifically. For now, set:

permissions:
  contents: read

at the top of the workflow file to minimize risk.

Suggested changeset 1
.github/workflows/brand-plugin-test.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/brand-plugin-test.yml b/.github/workflows/brand-plugin-test.yml
--- a/.github/workflows/brand-plugin-test.yml
+++ b/.github/workflows/brand-plugin-test.yml
@@ -1,4 +1,6 @@
 name: Build and Test Module Updates in Brand Plugins
+permissions:
+  contents: read
 on:
   pull_request:
     types: [ opened, reopened, ready_for_review, synchronize ]
EOF
@@ -1,4 +1,6 @@
name: Build and Test Module Updates in Brand Plugins
permissions:
contents: read
on:
pull_request:
types: [ opened, reopened, ready_for_review, synchronize ]
Copilot is powered by AI and may make mistakes. Always verify output.
secrets: inherit
Loading