lib/json
1
0
Fork 0
mirror of https://github.com/nlohmann/json.git synced 2025-08-06 07:02:42 +03:00
Code Activity

Fix token permissions warnings (#4550)

Browse Source 
* 🚨 fix token permissions warnings

* 🚨 fix token permissions warnings

* 🚨 fix token permissions warnings
This commit is contained in:
Niels Lohmann
2024-12-17 12:55:19 +01:00
committed by GitHub
parent f4910b20ce
commit 861ec9c3c6
11 changed files with 3 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/check_amalgamation.yml vendored
View File

@@ -3,8 +3,6 @@ name: "Check amalgamation"
on: on:
pull_request: pull_request:
permissions: read-all
jobs: jobs:
save: save:
runs-on: ubuntu-latest runs-on: ubuntu-latest

3
.github/workflows/cifuzz.yml vendored
View File

@@ -1,9 +1,6 @@
name: CIFuzz name: CIFuzz
on: [pull_request] on: [pull_request]
permissions:
contents: read
jobs: jobs:
Fuzzing: Fuzzing:
runs-on: ubuntu-latest runs-on: ubuntu-latest

3
.github/workflows/codeql-analysis.yml vendored
View File

@@ -11,9 +11,6 @@ on:
- cron: '0 19 * * 1' - cron: '0 19 * * 1'
workflow_dispatch: workflow_dispatch:
permissions:
contents: read
concurrency: concurrency:
group: ${{ github.workflow }}-${{ github.ref || github.run_id }} group: ${{ github.workflow }}-${{ github.ref || github.run_id }}
cancel-in-progress: true cancel-in-progress: true

2
.github/workflows/comment_check_amalgamation.yml vendored
View File

@@ -5,8 +5,6 @@ on:
types: types:
- completed - completed
permissions: {}
jobs: jobs:
comment: comment:
if: ${{ github.event.workflow_run.conclusion == 'failure' }} if: ${{ github.event.workflow_run.conclusion == 'failure' }}

3
.github/workflows/dependency-review.yml vendored
View File

@@ -9,9 +9,6 @@
name: 'Dependency Review' name: 'Dependency Review'
on: [pull_request] on: [pull_request]
permissions:
contents: read
jobs: jobs:
dependency-review: dependency-review:
runs-on: ubuntu-latest runs-on: ubuntu-latest

2
.github/workflows/labeler.yml vendored
View File

@@ -4,8 +4,6 @@ on:
pull_request_target: pull_request_target:
types: [opened, synchronize] types: [opened, synchronize]
permissions: {}
jobs: jobs:
label: label:
permissions: permissions:

3
.github/workflows/macos.yml vendored
View File

@@ -9,9 +9,6 @@ on:
pull_request: pull_request:
workflow_dispatch: workflow_dispatch:
permissions:
contents: read
concurrency: concurrency:
group: ${{ github.workflow }}-${{ github.ref || github.run_id }} group: ${{ github.workflow }}-${{ github.ref || github.run_id }}
cancel-in-progress: true cancel-in-progress: true

6
.github/workflows/publish_documentation.yml vendored
View File

@@ -10,9 +10,6 @@ on:
- docs/examples/** - docs/examples/**
workflow_dispatch: workflow_dispatch:
permissions:
contents: write
# we don't want to have concurrent jobs, and we don't want to cancel running jobs to avoid broken publications # we don't want to have concurrent jobs, and we don't want to cancel running jobs to avoid broken publications
concurrency: concurrency:
group: documentation group: documentation
@@ -20,6 +17,9 @@ concurrency:
jobs: jobs:
publish_documentation: publish_documentation:
permissions:
contents: write
if: github.repository == 'nlohmann/json' if: github.repository == 'nlohmann/json'
runs-on: ubuntu-22.04 runs-on: ubuntu-22.04
steps: steps:

3
.github/workflows/scorecards.yml vendored
View File

@@ -14,9 +14,6 @@ on:
push: push:
branches: ["develop"] branches: ["develop"]
# Declare default permissions as read only.
permissions: read-all
jobs: jobs:
analysis: analysis:
name: Scorecard analysis name: Scorecard analysis

3
.github/workflows/ubuntu.yml vendored
View File

@@ -9,9 +9,6 @@ on:
pull_request: pull_request:
workflow_dispatch: workflow_dispatch:
permissions:
contents: read
concurrency: concurrency:
group: ${{ github.workflow }}-${{ github.ref || github.run_id }} group: ${{ github.workflow }}-${{ github.ref || github.run_id }}
cancel-in-progress: true cancel-in-progress: true

3
.github/workflows/windows.yml vendored
View File

@@ -9,9 +9,6 @@ on:
pull_request: pull_request:
workflow_dispatch: workflow_dispatch:
permissions:
contents: read
concurrency: concurrency:
group: ${{ github.workflow }}-${{ github.ref || github.run_id }} group: ${{ github.workflow }}-${{ github.ref || github.run_id }}
cancel-in-progress: true cancel-in-progress: true