
Fix permissions for check-run action #90

Merged
mandreko-bitwarden merged 2 commits into main from vuln-252-check-run-least-priv
Jun 12, 2025

@mandreko-bitwarden

Contributor

🎟️ Tracking

https://bitwarden.atlassian.net/browse/VULN-252

📔 Objective

Further restrict permissions to check-run, to prevent abuse of GitHub tokens

⏰ Reminders before review

  • Contributor guidelines followed
  • All formatters and local linters executed and passed
  • Written new unit and / or integration tests where applicable
  • Protected functional changes with optionality (feature flags)
  • Used internationalization (i18n) for all UI strings
  • CI builds passed
  • Communicated to DevOps any deployment requirements
  • Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

  • 👍 (:+1:) or similar for great changes
  • 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
  • ❓ (:question:) for questions
  • 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
  • 🎨 (:art:) for suggestions / improvements
  • ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
  • 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
  • ⛏ (:pick:) for minor or nitpick changes

@mandreko-bitwarden mandreko-bitwarden requested a review from a team as a code owner June 6, 2025 14:46
@github-actions

github-actions Bot commented Jun 6, 2025

Checkmarx One – Scan Summary & Details: 6b723b31-c1f5-49a6-bfeb-0bda534f9c2e

Great job, no security vulnerabilities found in this Pull Request

JimmyVo16 previously approved these changes Jun 9, 2025
@mandreko-bitwarden mandreko-bitwarden force-pushed the vuln-252-check-run-least-priv branch from 0933e5a to d1f5b91 Compare June 9, 2025 20:38
@mandreko-bitwarden mandreko-bitwarden merged commit e209f11 into main Jun 12, 2025
5 checks passed
@mandreko-bitwarden mandreko-bitwarden deleted the vuln-252-check-run-least-priv branch June 12, 2025 13:32

2 participants