Skip to content

Try spell linter#3263

Closed
hannahramadan wants to merge 1 commit intodevfrom
spelling_bee
Closed

Try spell linter#3263
hannahramadan wants to merge 1 commit intodevfrom
spelling_bee

Conversation

@hannahramadan
Copy link
Contributor

@hannahramadan hannahramadan commented Sep 19, 2025

Before contributing, please read our contributing guidelines and code of conduct.

Overview

Describe the changes present in the pull request

Submitter Checklist:

  • Include a link to the related GitHub issue, if applicable
  • Include a security review link, if applicable

Testing

The agent includes a suite of unit and functional tests which should be used to
verify your changes don't break existing functionality. These tests will run with
GitHub Actions when a pull request is made. More details on running the tests locally can be found
here for our unit tests,
and here for our functional tests.
For most contributions it is strongly recommended to add additional tests which
exercise your changes.

Reviewer Checklist

  • Perform code review
  • Add performance label
  • Perform appropriate level of performance testing
  • Confirm all checks passed
  • Add version label prior to acceptance

github-advanced-security[bot]
github-advanced-security bot found potential problems Sep 19, 2025
View reviewed changes
.github/workflows/spell_check.yml
Comment on lines +8 to +18
name: SPELLING check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: streetsidesoftware/cspell-action@v6
with:
# Files should be consistent with check:spelling files
files: |
**/*.md
config: .cspell.yml

No newline at end of file

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 5 months ago

The best way to fix this issue is to explicitly specify the permissions required by the workflow or job. In this case, the job is only checking out code and running a spelling check on markdown files, so only minimal permissions are needed—specifically, read access to repository contents. No write access is required. The permissions block can be placed either at the top/root of the workflow (to apply to all jobs) or at the job level. Since there is a single job in this workflow, either placement is fine; placing it at the root is conventional and applies strict defaults if other jobs are ever added.
To fix:

  • Add a permissions: block immediately after the workflow name:, with at minimum contents: read.
Suggested changeset 1
.github/workflows/spell_check.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/spell_check.yml b/.github/workflows/spell_check.yml
--- a/.github/workflows/spell_check.yml
+++ b/.github/workflows/spell_check.yml
@@ -1,4 +1,6 @@
 name: Check Spelling
+permissions:
+  contents: read
 
 on:
   pull_request:
EOF
@@ -1,4 +1,6 @@
name: Check Spelling
permissions:
contents: read

on:
pull_request:
Copilot is powered by AI and may make mistakes. Always verify output.
@hannahramadan hannahramadan deleted the spelling_bee branch September 25, 2025 17:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@hannahramadan

Comments