]> git.madduck.net Git - etc/vim.git/commit

madduck's git repository

Every one of the projects in this repository is available at the canonical URL git://git.madduck.net/madduck/pub/<projectpath> — see each project's metadata for the exact URL.

All patches and comments are welcome. Please squash your changes to logical commits before using git-format-patch and git-send-email to patches@git.madduck.net. If you'd read over the Git project's submission guidelines and adhered to them, I'd be especially grateful.

SSH access, as well as push access can be individually arranged.

If you use my repositories frequently, consider adding the following snippet to ~/.gitconfig and using the third clone URL listed for each project:

[url "git://git.madduck.net/madduck/"]
  insteadOf = madduck:

projects / etc / vim.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9d5edd3) | patch
chore: Set permissions for GitHub actions (#3043)
authorNaveen <172697+naveensrinivasan@users.noreply.github.com>
Tue, 3 May 2022 13:08:33 +0000 (08:08 -0500)
committerGitHub <noreply@github.com>
Tue, 3 May 2022 13:08:33 +0000 (07:08 -0600)
commitc940f75d5b646777427aef1beb18a0d2c391f5e2
treefe5fea9a80b9e66720f5b2a560f0ff3aa7d7bc17tree | snapshot
parent9d5edd302003285b5280e3dd209d6299feafb70ecommit | diff
chore: Set permissions for GitHub actions (#3043)

Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
.github/workflows/changelog.yml diff | blob | history
.github/workflows/doc.yml diff | blob | history
.github/workflows/docker.yml diff | blob | history
.github/workflows/fuzz.yml diff | blob | history
.github/workflows/pypi_upload.yml diff | blob | history
.github/workflows/upload_binary.yml diff | blob | history
.github/workflows/uvloop_test.yml diff | blob | history
vim configuration

Legalese

All content available in this repository is copyright © martin f. krafft, unless otherwise noted.

All files and their content are released under the terms of the Artistic Licence 2.0, unless otherwise noted.

The operator of this repository shall not be held liable for offending content in pages linking to or linked from these page, nor does he endorse their content unless stated otherwise.