Skip to content

Commit 225c9da

Browse files
Added explicit permissions to check-run (#406)
1 parent 5ca71cb commit 225c9da

2 files changed

Lines changed: 6 additions & 0 deletions

File tree

.github/workflows/_ephemeral_environment_manager.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,8 @@ jobs:
4141
check-run:
4242
name: Check PR run
4343
uses: ./.github/workflows/check-run.yml
44+
permissions:
45+
contents: read
4446

4547
create-branch:
4648
name: Create Branch

.github/workflows/scan.yml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,10 +14,14 @@ on:
1414
branches:
1515
- "main"
1616

17+
permissions: {}
18+
1719
jobs:
1820
check-run:
1921
name: Check PR run
2022
uses: bitwarden/gh-actions/.github/workflows/check-run.yml@main
23+
permissions:
24+
contents: read
2125

2226
sast:
2327
name: SAST scan

0 commit comments

Comments
 (0)