Skip to content

ci: applying security recommendations #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 16, 2025
Merged

ci: applying security recommendations #8

merged 1 commit into from
Jun 16, 2025

Conversation

agustinfrancesa
Copy link
Contributor

No description provided.

@agustinfrancesa
ci: applying security recommendations
8fe6e29 
Signed-off-by: Francesa Alfaro, Agustin <agustin.francesa.alfaro@intel.com>
@Copilot Copilot AI review requested due to automatic review settings June 16, 2025 19:17
Copilot
Copilot AI reviewed Jun 16, 2025
View reviewed changes
Copy link

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR applies security recommendations to our CI workflows by restricting permissions to only what is necessary.

  • Updated check-build workflow to limit permissions to read-only where applicable.
  • Updated bandit workflow to include a minimal set of permissions, ensuring security events can be written and content accessed appropriately.

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File Description
.github/workflows/check-build.yml Added a permissions block with contents: read
.github/workflows/bandit.yml Added a permissions block with security-events: write, actions: read, and contents: read

.github/workflows/bandit.yml
permissions:
security-events: write
actions: read
contents: read

Copy link
Preview

Copilot AI Jun 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[nitpick] Consider removing the extraneous blank line in the permissions block to improve consistency and readability.

Suggested change

Copilot uses AI. Check for mistakes.

@agustinfrancesa agustinfrancesa merged commit 8d55fa2 into main Jun 16, 2025
7 checks passed
@agustinfrancesa agustinfrancesa deleted the fix/security_recommendations branch June 16, 2025 19:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@erinoerin erinoerin Awaiting requested review from erinoerin

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@agustinfrancesa