diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml index 8337a692e..8c235fae5 100644 --- a/.github/workflows/build-test.yml +++ b/.github/workflows/build-test.yml @@ -1,5 +1,8 @@ name: Build Test +permissions: + contents: read + on: [pull_request] jobs: diff --git a/.github/workflows/deploy-docs.yml b/.github/workflows/deploy-docs.yml index 7fd9292f4..3e5ccf5f4 100644 --- a/.github/workflows/deploy-docs.yml +++ b/.github/workflows/deploy-docs.yml @@ -1,5 +1,8 @@ name: Deploy to GitHub Pages +permissions: + contents: write + on: push: branches: diff --git a/.github/workflows/deploy_wp_plugin_develop.yml b/.github/workflows/deploy_wp_plugin_develop.yml index 9987fa32d..0d77da987 100644 --- a/.github/workflows/deploy_wp_plugin_develop.yml +++ b/.github/workflows/deploy_wp_plugin_develop.yml @@ -3,6 +3,9 @@ name: Release develop WP Plugin +permissions: + contents: write + on: push: branches: diff --git a/.github/workflows/deploy_wp_plugin_stable.yml b/.github/workflows/deploy_wp_plugin_stable.yml index 0440c299f..abd84a648 100644 --- a/.github/workflows/deploy_wp_plugin_stable.yml +++ b/.github/workflows/deploy_wp_plugin_stable.yml @@ -2,6 +2,9 @@ name: Release Stable WP Plugin ### This has been merged into release-latest-version action +permissions: + contents: write + on: push: branches: diff --git a/.github/workflows/eslint.yml b/.github/workflows/eslint.yml index 38190afcf..64c53638b 100644 --- a/.github/workflows/eslint.yml +++ b/.github/workflows/eslint.yml @@ -1,5 +1,8 @@ name: eslint +permissions: + contents: read + on: [pull_request] jobs: diff --git a/.github/workflows/nextjs_bundle_analysis-app-router.yml b/.github/workflows/nextjs_bundle_analysis-app-router.yml index 988e550db..8348a33c9 100644 --- a/.github/workflows/nextjs_bundle_analysis-app-router.yml +++ b/.github/workflows/nextjs_bundle_analysis-app-router.yml @@ -1,5 +1,9 @@ name: '(App Router) Next.js Bundle Analysis' +permissions: + contents: read + pull-requests: write + on: pull_request: push: diff --git a/.github/workflows/nextjs_bundle_analysis.yml b/.github/workflows/nextjs_bundle_analysis.yml index b18ea15d2..2f29399b0 100644 --- a/.github/workflows/nextjs_bundle_analysis.yml +++ b/.github/workflows/nextjs_bundle_analysis.yml @@ -1,5 +1,11 @@ name: '(Pages Router) Next.js Bundle Analysis' +permissions: + contents: read + actions: read + pull-requests: write + issues: write + on: pull_request: push: diff --git a/.github/workflows/npm-release-next-version.yml b/.github/workflows/npm-release-next-version.yml index f1a7a99ea..61e3d9ed9 100644 --- a/.github/workflows/npm-release-next-version.yml +++ b/.github/workflows/npm-release-next-version.yml @@ -1,5 +1,9 @@ name: Release @next +permissions: + contents: write + pull-requests: write + on: push: branches: diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index a71c450e8..0e1134903 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -1,5 +1,8 @@ name: PHPCS check +permissions: + contents: read + on: pull_request jobs: diff --git a/.github/workflows/phpunit.yml b/.github/workflows/phpunit.yml index 0fbcfc9dc..5b238b282 100644 --- a/.github/workflows/phpunit.yml +++ b/.github/workflows/phpunit.yml @@ -1,5 +1,8 @@ name: PHPUnit tests +permissions: + contents: read + on: pull_request jobs: diff --git a/.github/workflows/release-latest-version.yml b/.github/workflows/release-latest-version.yml index 9333501d1..c5aa9c9af 100644 --- a/.github/workflows/release-latest-version.yml +++ b/.github/workflows/release-latest-version.yml @@ -1,5 +1,9 @@ name: Release @latest +permissions: + contents: write + pull-requests: write + on: push: branches: diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml index d1c78a786..e7f7460cd 100644 --- a/.github/workflows/unit-tests.yml +++ b/.github/workflows/unit-tests.yml @@ -1,5 +1,8 @@ name: unit tests +permissions: + contents: read + on: [pull_request] jobs: