From f505a96583047308288e910a43f95d5f8c2149e3 Mon Sep 17 00:00:00 2001 From: Rick Ossendrijver Date: Thu, 26 Dec 2024 10:49:11 +0100 Subject: [PATCH] Add permission --- .github/workflows/comment-pr.yml | 2 ++ .github/workflows/pitest-update-pr.yml | 2 +- .github/workflows/receive-pr.yml | 5 +++-- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/comment-pr.yml b/.github/workflows/comment-pr.yml index f6856c9d..ec61dcb0 100644 --- a/.github/workflows/comment-pr.yml +++ b/.github/workflows/comment-pr.yml @@ -9,6 +9,8 @@ on: workflows: ["receive-pr"] types: - completed +permissions: + actions: read jobs: post-suggestions: diff --git a/.github/workflows/pitest-update-pr.yml b/.github/workflows/pitest-update-pr.yml index a6383e6c..1a09261f 100644 --- a/.github/workflows/pitest-update-pr.yml +++ b/.github/workflows/pitest-update-pr.yml @@ -37,7 +37,7 @@ jobs: java-distribution: temurin maven-version: 3.9.9 - name: Download Pitest analysis artifact - uses: dawidd6/action-download-artifact@`09f2f74827fd3a8607589e5ad7f9398816f540fe # v3.1.4 + uses: dawidd6/action-download-artifact@09f2f74827fd3a8607589e5ad7f9398816f540fe # v3.1.4 with: workflow: ${{ github.event.workflow_run.workflow_id }} name: pitest-reports diff --git a/.github/workflows/receive-pr.yml b/.github/workflows/receive-pr.yml index 43eb63f5..1ff348b6 100644 --- a/.github/workflows/receive-pr.yml +++ b/.github/workflows/receive-pr.yml @@ -9,7 +9,8 @@ on: types: [opened, synchronize] branches: - master - +permissions: + actions: read concurrency: group: '${{ github.workflow }} @ ${{ github.ref }}' cancel-in-progress: true @@ -19,7 +20,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 steps: - - name: Name. + - name: XXX add name. uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{github.event.pull_request.head.ref}}