Skip to content

Commit 1ea8940

Browse files
chore: apply security best practices from step security (#2803)
[StepSecurity] Apply security best practices Signed-off-by: StepSecurity Bot <bot@stepsecurity.io> Co-authored-by: stepsecurity-app[bot] <188008098+stepsecurity-app[bot]@users.noreply.github.com>
1 parent 9b23ab1 commit 1ea8940

4 files changed

Lines changed: 12 additions & 0 deletions

File tree

.github/workflows/draft-new-release.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,9 @@ concurrency:
1717
env:
1818
NODE_OPTIONS: '--no-warnings'
1919

20+
permissions:
21+
contents: read
22+
2023
jobs:
2124
validate-actor:
2225
permissions: {}

.github/workflows/publish-new-release.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,9 @@ on:
1010
env:
1111
NODE_OPTIONS: '--no-warnings'
1212

13+
permissions:
14+
contents: read
15+
1316
jobs:
1417
get-release-inputs:
1518
name: Get Release Inputs

.github/workflows/run-e2e-regression-test-suites.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -40,6 +40,9 @@ env:
4040
CHECK_INTERVAL_FOR_E2E_TESTS: 60 # 1 minute
4141
TARGET_REPO: rudderlabs/rudder-client-side-test
4242

43+
permissions:
44+
contents: read
45+
4346
jobs:
4447
extract-monorepo-version:
4548
name: Extract Monorepo Version

.github/workflows/validate-actor.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,9 @@ on:
1111
RELEASE_PRIVATE_KEY:
1212
required: true
1313

14+
permissions:
15+
contents: read
16+
1417
jobs:
1518
validate-actor:
1619
runs-on: [self-hosted, Linux, X64]

0 commit comments

Comments
 (0)