Update 8hobbies/workflows digest to c95f86b #220

renovate · 2025-06-22T07:23:38Z

This PR contains the following updates:

Package	Type	Update	Change
8hobbies/workflows	action	digest	`48a7222` -> `c95f86b`

Configuration

📅 Schedule: Branch creation - "on Sunday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

.github/workflows/lint.yml

@@ -22,4 +22,4 @@

 jobs:
  lint:
-    uses: 8hobbies/workflows/.github/workflows/npm-lint.yml@48a7222d056fc9b96243ff58bf4933e5ed4415e0
+    uses: 8hobbies/workflows/.github/workflows/npm-lint.yml@c95f86bbd0d7f9f7fb4866b1edd66c3972219e80


To fix the issue, add a permissions block at the root of the workflow. This block will explicitly define the permissions required for the workflow. Since this is a linting workflow, it likely only needs read access to the repository contents. The permissions block should be added after the name field and before the on field.

.github/workflows/publish-dry-run.yml

@@ -22,4 +22,4 @@

 jobs:
  run:
-    uses: 8hobbies/workflows/.github/workflows/npm-publish-dry-run.yml@48a7222d056fc9b96243ff58bf4933e5ed4415e0
+    uses: 8hobbies/workflows/.github/workflows/npm-publish-dry-run.yml@c95f86bbd0d7f9f7fb4866b1edd66c3972219e80


To fix the issue, add a permissions block to the root of the workflow file. This block will explicitly define the permissions required for the workflow, ensuring that the GITHUB_TOKEN has only the necessary access. Since the workflow appears to be related to publishing (dry run), it likely requires read access to repository contents and no write access.

The permissions block should be added after the name field and before the on field. The recommended permissions are:

contents: read for accessing repository files.

.github/workflows/runtime.yml

@@ -22,4 +22,4 @@

 jobs:
  test:
-    uses: 8hobbies/workflows/.github/workflows/npm-runtime.yml@48a7222d056fc9b96243ff58bf4933e5ed4415e0
+    uses: 8hobbies/workflows/.github/workflows/npm-runtime.yml@c95f86bbd0d7f9f7fb4866b1edd66c3972219e80


To fix the issue, add a permissions block to the root of the workflow or the specific job. Since the workflow uses a reusable workflow, the permissions should be set at the job level to ensure the GITHUB_TOKEN has the least privileges required for the reusable workflow to function. Based on the recommendation, the minimal permissions block should include contents: read.

Update 8hobbies/workflows digest to c95f86b

bab0bc7

renovate bot requested a review from xuhdev as a code owner June 22, 2025 07:23

renovate bot enabled auto-merge (squash) June 22, 2025 07:23

github-advanced-security bot found potential problems Jun 22, 2025

View reviewed changes

renovate bot merged commit e39ffb7 into master Jun 22, 2025
13 checks passed

renovate bot deleted the renovate/all-digest branch June 22, 2025 07:24

@@ -15,2 +15,4 @@
             name: Lint
+            permissions:
+              contents: read

@@ -15,2 +15,4 @@
             name: Publish Dry Run
+            permissions:
+              contents: read

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Update 8hobbies/workflows digest to c95f86b #220

Update 8hobbies/workflows digest to c95f86b #220

Uh oh!

renovate bot commented Jun 22, 2025

Uh oh!

Check warning

Copilot Autofix

Check warning

Copilot Autofix

Check warning

Copilot Autofix

Uh oh!

Uh oh!

Update 8hobbies/workflows digest to c95f86b #220

Update 8hobbies/workflows digest to c95f86b #220

Uh oh!

Conversation

renovate bot commented Jun 22, 2025

Configuration

Uh oh!

Check warning

Copilot Autofix

Check warning

Copilot Autofix

Check warning

Copilot Autofix

Uh oh!

Uh oh!