Skip to content

Add explicit permissions to GitHub Actions workflows#34

Merged
gsidhwani-nr merged 1 commit into
mainfrom
fix/add-workflow-permissions
May 20, 2026
Merged

Add explicit permissions to GitHub Actions workflows#34
gsidhwani-nr merged 1 commit into
mainfrom
fix/add-workflow-permissions

Conversation

@gsidhwani-nr

@gsidhwani-nr gsidhwani-nr commented May 20, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Summary

  • Adds explicit permissions block to release.yml (contents: write) and repolinter.yml (contents: read, issues: write)
  • Resolves CodeQL code-scanning alerts #1 and #2 for actions/missing-workflow-permissions
  • Applies least-privilege principle per GitHub's security hardening recommendations

@gsidhwani-nr @claude
Add explicit permissions to GitHub Actions workflows
7983cd0 
Resolves CodeQL code-scanning alerts for missing workflow permissions
(actions/missing-workflow-permissions). Adds least-privilege permissions
to release.yml and repolinter.yml to comply with security best practices.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@gsidhwani-nr gsidhwani-nr merged commit 959ab33 into main May 20, 2026
8 checks passed
@gsidhwani-nr gsidhwani-nr deleted the fix/add-workflow-permissions branch May 20, 2026 13:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@asllop asllop asllop approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@gsidhwani-nr @asllop