Update 8hobbies/workflows digest to 48a7222 #218
Conversation
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| @@ -22,4 +22,4 @@ | |||
|
|
|||
| jobs: | |||
| lint: | |||
| uses: 8hobbies/workflows/.github/workflows/npm-lint.yml@2e83292d3d74551e5ea48dcd61ee7b905755c0b6 | |||
| uses: 8hobbies/workflows/.github/workflows/npm-lint.yml@48a7222d056fc9b96243ff58bf4933e5ed4415e0 | |||
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 21 days ago
To fix the issue, add a permissions block to the root of the workflow. Since the workflow performs linting tasks, it likely only requires read access to the repository contents. The permissions block should be set to contents: read to restrict access to the minimum required level.
The changes will be made to the .github/workflows/lint.yml file. Specifically:
- Add a
permissionsblock at the root level of the workflow, above thejobssection. - Set
contents: readas the permission.
| @@ -22,2 +22,5 @@ | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| jobs: |
| @@ -22,4 +22,4 @@ | |||
|
|
|||
| jobs: | |||
| run: | |||
| uses: 8hobbies/workflows/.github/workflows/npm-publish-dry-run.yml@2e83292d3d74551e5ea48dcd61ee7b905755c0b6 | |||
| uses: 8hobbies/workflows/.github/workflows/npm-publish-dry-run.yml@48a7222d056fc9b96243ff58bf4933e5ed4415e0 | |||
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 21 days ago
To fix the issue, add a permissions block at the root of the workflow file. This block will explicitly define the minimal permissions required for the workflow. Based on the context, the workflow likely needs contents: read to access repository contents and possibly no write permissions. If additional permissions are required, they can be added later.
| @@ -16,2 +16,5 @@ | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| on: |
| @@ -22,4 +22,4 @@ | |||
|
|
|||
| jobs: | |||
| test: | |||
| uses: 8hobbies/workflows/.github/workflows/npm-runtime.yml@2e83292d3d74551e5ea48dcd61ee7b905755c0b6 | |||
| uses: 8hobbies/workflows/.github/workflows/npm-runtime.yml@48a7222d056fc9b96243ff58bf4933e5ed4415e0 | |||
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 21 days ago
To fix the issue, add a permissions block at the root level of the workflow. This block will apply to all jobs in the workflow unless overridden by job-specific permissions. The permissions should be set to the least privilege required for the workflow to function correctly. Based on the context, the workflow likely requires read access to repository contents and possibly write access to pull requests.
The fix involves:
- Adding a
permissionsblock at the root level of the workflow. - Setting
contents: readandpull-requests: writeas the minimal permissions required.
| @@ -16,2 +16,6 @@ | ||
|
|
||
| permissions: | ||
| contents: read | ||
| pull-requests: write | ||
|
|
||
| on: |
This PR contains the following updates:
2e83292->48a7222Configuration
📅 Schedule: Branch creation - "on Sunday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.