ci: declare read-only token permissions on test workflow#229
Conversation
|
This test is consistently failing I assume this pre-dates this PR, but I don't see an issue to fix it. |
|
You're right that it pre-dates this PR. This change only adds a top-level The failing job is "Build Test Node 22", and the step that exits non-zero is So Happy to open a separate small PR that runs prettier across |
|
Looked into this, it's not a prettier change - it's from #217, which added a post-process step to the built emscripten output but didn't check in the file with the build change. No idea why CI ran clean on that PR but failed on all subsequent merges. #230 fixes this, we should probably merge that first and then this should run green. |
|
I think this should be mergeable on rebase to |
Signed-off-by: Arpit Jain <arpitjain099@gmail.com>
4716151 to
73ea499
Compare
|
Done, rebased onto current master. |
Coverage Report for CI Build 28551684983Coverage remained the same at 100.0%Details
Uncovered ChangesNo uncovered changes found. Coverage RegressionsNo coverage regressions found. Coverage Stats
💛 - Coveralls |
Adds a top-level
permissions: contents: readdeclaration to the test workflow.The workflow checks out code, builds the project, and runs tests. The GITHUB_TOKEN is only passed to the Coveralls action for coverage upload, which works with read-only access. Declaring explicit permissions restricts the token to the minimum scope needed.