ivuorinen/base-configs-markdownlint
1
0
Fork 0
mirror of https://github.com/ivuorinen/base-configs-markdownlint.git synced 2026-03-01 13:54:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: ivuorinen:v1.0.4
Branches Tags
ivuorinen:main ivuorinen:renovate/ivuorinen-actions-2026.x
ivuorinen:v1.0.5 ivuorinen:v1.0.4 ivuorinen:v1.0.3 ivuorinen:v1.0.2 ivuorinen:v1.0.1 ivuorinen:v1.0.0
...
compare: ivuorinen:main
Branches Tags
ivuorinen:renovate/ivuorinen-actions-2026.x ivuorinen:main
ivuorinen:v1.0.5 ivuorinen:v1.0.4 ivuorinen:v1.0.3 ivuorinen:v1.0.2 ivuorinen:v1.0.1 ivuorinen:v1.0.0

2 Commits
v1.0.4 ... main

Author SHA1 Message Date
semantic-release-bot
754c285835 chore(release): 1.0.5 [skip ci] 
## [1.0.5](https://github.com/ivuorinen/base-configs-markdownlint/compare/v1.0.4...v1.0.5) (2026-02-27)

### Bug Fixes

* **ci:** use GITHUB_TOKEN for semantic-release and harden workflow permissions ([9e10b3e](9e10b3e2b2))
 2026-02-27 20:53:04 +00:00
Ismo Vuorinen
9e10b3e2b2 fix(ci): use GITHUB_TOKEN for semantic-release and harden workflow permissions 
Replace secrets.PAT with secrets.GITHUB_TOKEN in publish.yml so
semantic-release can comment on PRs/issues using the built-in token
scoped by job-level permissions.

Set top-level permissions to empty object across all workflows to
follow the principle of least privilege, relying on job-level
permissions blocks instead.
 2026-02-27 22:50:49 +02:00
7 changed files with 15 additions and 9 deletions
Expand all files Collapse all files

2
.github/workflows/codeql.yml vendored
View File

@@ -21,6 +21,8 @@ on:
schedule: schedule:
- cron: "22 8 * * 0" - cron: "22 8 * * 0"
permissions: {}
jobs: jobs:
analyze: analyze:
name: Analyze (${{ matrix.language }}) name: Analyze (${{ matrix.language }})

2
.github/workflows/pr-lint.yml vendored
View File

@@ -10,7 +10,7 @@ concurrency:
group: ${{ github.workflow }}-${{ github.ref }} group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true cancel-in-progress: true
permissions: read-all permissions: {}
env: env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }} NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

4
.github/workflows/publish.yml vendored
View File

@@ -6,7 +6,7 @@ on:
branches: branches:
- main - main
permissions: read-all permissions: {}
env: env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }} NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
@@ -72,5 +72,5 @@ jobs:
- name: Semantic Release - name: Semantic Release
uses: cycjimmy/semantic-release-action@b12c8f6015dc215fe37bc154d4ad456dd3833c90 # v6.0.0 uses: cycjimmy/semantic-release-action@b12c8f6015dc215fe37bc154d4ad456dd3833c90 # v6.0.0
env: env:
GITHUB_TOKEN: ${{ secrets.PAT }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }} NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

5
.github/workflows/stale.yml vendored
View File

@@ -8,10 +8,7 @@ on:
workflow_call: workflow_call:
workflow_dispatch: workflow_dispatch:
permissions: permissions: {}
contents: read
packages: read
statuses: read
jobs: jobs:
stale: stale:

2
.github/workflows/sync-labels.yml vendored
View File

@@ -20,7 +20,7 @@ concurrency:
group: ${{ github.workflow }}-${{ github.ref }} group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true cancel-in-progress: true
permissions: read-all permissions: {}
jobs: jobs:
labels: labels:

7
CHANGELOG.md
View File

@@ -3,6 +3,13 @@
All notable changes to this project will be documented in this file. See All notable changes to this project will be documented in this file. See
[Conventional Commits](https://conventionalcommits.org) for commit guidelines. [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
## [1.0.5](https://github.com/ivuorinen/base-configs-markdownlint/compare/v1.0.4...v1.0.5) (2026-02-27)
### Bug Fixes
* **ci:** use GITHUB_TOKEN for semantic-release and harden workflow permissions ([9e10b3e](https://github.com/ivuorinen/base-configs-markdownlint/commit/9e10b3e2b29aeab91e801302ec4d210de9c72cc3))
## [1.0.4](https://github.com/ivuorinen/base-configs-markdownlint/compare/v1.0.3...v1.0.4) (2026-02-27) ## [1.0.4](https://github.com/ivuorinen/base-configs-markdownlint/compare/v1.0.3...v1.0.4) (2026-02-27)

2
package.json
View File

@@ -1,6 +1,6 @@
{ {
"name": "@ivuorinen/markdownlint-config", "name": "@ivuorinen/markdownlint-config",
"version": "1.0.4", "version": "1.0.5",
"type": "module", "type": "module",
"description": "ivuorinen's shareable configuration for markdownlint.", "description": "ivuorinen's shareable configuration for markdownlint.",
"author": { "author": {