Update 8hobbies/workflows digest to 32b17c1 #223
Conversation
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| @@ -22,4 +22,4 @@ | |||
|
|
|||
| jobs: | |||
| lint: | |||
| uses: 8hobbies/workflows/.github/workflows/npm-lint.yml@c95f86bbd0d7f9f7fb4866b1edd66c3972219e80 | |||
| uses: 8hobbies/workflows/.github/workflows/npm-lint.yml@32b17c109800158b04a8bb1f5999293eb898896b | |||
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 26 days ago
To fix the issue, add a permissions block at the root of the workflow to explicitly define the least privileges required for the workflow. Since this is a linting workflow, it likely only needs read access to the repository contents. The permissions block should be added before the jobs section.
| @@ -22,2 +22,5 @@ | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| jobs: |
| @@ -22,4 +22,4 @@ | |||
|
|
|||
| jobs: | |||
| run: | |||
| uses: 8hobbies/workflows/.github/workflows/npm-publish-dry-run.yml@c95f86bbd0d7f9f7fb4866b1edd66c3972219e80 | |||
| uses: 8hobbies/workflows/.github/workflows/npm-publish-dry-run.yml@32b17c109800158b04a8bb1f5999293eb898896b | |||
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 26 days ago
To fix the issue, we will add a permissions block at the root of the workflow file. This block will define the minimal permissions required for the workflow to function. Since the workflow is a "Publish Dry Run," it likely requires read access to repository contents and possibly write access to pull requests (if it interacts with them). We will set contents: read and pull-requests: write as a starting point, which can be adjusted later if additional permissions are required.
| @@ -16,2 +16,6 @@ | ||
|
|
||
| permissions: | ||
| contents: read | ||
| pull-requests: write | ||
|
|
||
| on: |
| @@ -22,4 +22,4 @@ | |||
|
|
|||
| jobs: | |||
| test: | |||
| uses: 8hobbies/workflows/.github/workflows/npm-runtime.yml@c95f86bbd0d7f9f7fb4866b1edd66c3972219e80 | |||
| uses: 8hobbies/workflows/.github/workflows/npm-runtime.yml@32b17c109800158b04a8bb1f5999293eb898896b | |||
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 26 days ago
To fix the issue, we will add a permissions block at the root of the workflow file. This block will define the least privileges required for the workflow to function. Based on the provided context, we will start with minimal permissions: contents: read. If additional permissions are required for specific tasks, they can be added later.
| @@ -16,2 +16,5 @@ | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| on: |
This PR contains the following updates:
c95f86b->32b17c1Configuration
📅 Schedule: Branch creation - "on Sunday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.