Skip to content

Commit 3ea5617

Browse files
aksOpsclaude
andcommitted
Add permissions to CI/CodeQL workflows, fix vulnerability badge 404
- ci.yml: add permissions { contents: read } - codeql.yml: add contents: read alongside security-events: write - Fix vulnerability badge label from "0 - clean" to "0" to avoid shields.io URL encoding issues causing 404 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1 parent a9a7e79 commit 3ea5617

4 files changed

Lines changed: 6 additions & 2 deletions

File tree

.github/workflows/ci.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,9 @@ on:
66
pull_request:
77
branches: [main]
88

9+
permissions:
10+
contents: read
11+
912
jobs:
1013
test:
1114
runs-on: ubuntu-latest

.github/workflows/codeql.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,7 @@ on:
99
- cron: "0 6 * * 1"
1010

1111
permissions:
12+
contents: read
1213
security-events: write
1314

1415
jobs:

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
<a href="https://github.com/RandomCodeSpace/code-iq/security"><img src="https://img.shields.io/badge/security-audited-purple?style=flat-square&logo=shieldsdotio&logoColor=white" alt="Security"></a>
2020
<a href="https://github.com/RandomCodeSpace/code-iq/security/dependabot"><img src="https://img.shields.io/badge/dependabot-enabled-brightgreen?style=flat-square&logo=dependabot&logoColor=white" alt="Dependabot enabled"></a>
2121
<a href="https://github.com/RandomCodeSpace/code-iq/security/code-scanning"><img src="https://img.shields.io/github/actions/workflow/status/RandomCodeSpace/code-iq/codeql.yml?branch=main&style=flat-square&logo=github&label=CodeQL" alt="CodeQL"></a>
22-
<!-- DYNAMIC:vulnerabilities --><a href="https://github.com/RandomCodeSpace/code-iq/security/dependabot"><img src="https://img.shields.io/badge/vulnerabilities-0%20-%20clean-brightgreen?style=flat-square&logo=hackthebox&logoColor=white" alt="0 - clean Vulnerabilities"></a><!-- /DYNAMIC:vulnerabilities -->
22+
<!-- DYNAMIC:vulnerabilities --><a href="https://github.com/RandomCodeSpace/code-iq/security/dependabot"><img src="https://img.shields.io/badge/vulnerabilities-0-brightgreen?style=flat-square&logo=hackthebox&logoColor=white" alt="0 Vulnerabilities"></a><!-- /DYNAMIC:vulnerabilities -->
2323
<!-- DYNAMIC:detectors --><a href="https://github.com/RandomCodeSpace/code-iq"><img src="https://img.shields.io/badge/detectors-58-brightgreen?style=flat-square&logo=codefactor&logoColor=white" alt="58 Detectors"></a><!-- /DYNAMIC:detectors -->
2424
<!-- DYNAMIC:languages --><a href="https://github.com/RandomCodeSpace/code-iq"><img src="https://img.shields.io/badge/languages-33-blue?style=flat-square&logo=stackblitz&logoColor=white" alt="33 Languages"></a><!-- /DYNAMIC:languages -->
2525
<!-- DYNAMIC:tests --><a href="https://github.com/RandomCodeSpace/code-iq"><img src="https://img.shields.io/badge/tests-113%20passed-brightgreen?style=flat-square&logo=pytest&logoColor=white" alt="113 passed Tests"></a><!-- /DYNAMIC:tests -->

scripts/update_readme_badges.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -135,7 +135,7 @@ def main() -> None:
135135
)
136136
if vulns >= 0:
137137
vuln_color = "brightgreen" if vulns == 0 else "yellow" if vulns <= 3 else "red"
138-
vuln_label = "0 - clean" if vulns == 0 else str(vulns)
138+
vuln_label = "0" if vulns == 0 else str(vulns)
139139
content = update_badge(
140140
content, "vulnerabilities",
141141
badge("vulnerabilities", vuln_label, vuln_color, "hackthebox"),

0 commit comments

Comments
 (0)