Skip to content

Commit

Permalink
[StepSecurity] ci: Harden GitHub Actions
Browse files Browse the repository at this point in the history 
Signed-off-by: StepSecurity Bot <[email protected]>
  • Loading branch information
@step-security-bot
step-security-bot committed Oct 12, 2023
1 parent 0c55d8f commit fdf2e09
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 0 deletions.
3 changes: 3 additions & 0 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,9 @@ name: Continuous Integration
on:
pull_request_target: {}

permissions:
contents: read

jobs:
qa:
permissions:
Expand Down
3 changes: 3 additions & 0 deletions .github/workflows/code-scanning.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,9 @@ on:
schedule:
- cron: '35 8 * * 1-5'

permissions:
contents: read

jobs:
dependency-review:
name: Dependency Review
Expand Down

0 comments on commit fdf2e09

Please sign in to comment.