You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
CodeQL alerts #1, #2, #3 report actions/missing-workflow-permissions on the three CI workflows. Workflows without explicit permissions default to the repository's default token permissions, which may be overly broad.
Tasks
Add permissions: contents: read to tests.yml
Add permissions: contents: read to check-commits.yml
Add permissions: contents: read to python-linter.yml
Description
CodeQL alerts #1, #2, #3 report
actions/missing-workflow-permissionson the three CI workflows. Workflows without explicit permissions default to the repository's default token permissions, which may be overly broad.Tasks
permissions: contents: readtotests.ymlpermissions: contents: readtocheck-commits.ymlpermissions: contents: readtopython-linter.ymlRelated