diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml index 1eb2b65..a3a3443 100644 --- a/.github/workflows/changelog.yml +++ b/.github/workflows/changelog.yml @@ -9,13 +9,15 @@ concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true -permissions: read-all +permissions: + contents: read jobs: debug-changelog: runs-on: ubuntu-latest - permissions: write-all + permissions: + contents: read steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 diff --git a/.github/workflows/linters.yml b/.github/workflows/linters.yml index a5ff5d6..9499c82 100644 --- a/.github/workflows/linters.yml +++ b/.github/workflows/linters.yml @@ -11,7 +11,8 @@ concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true -permissions: read-all +permissions: + contents: read jobs: Linter: diff --git a/.github/workflows/new-release.yml b/.github/workflows/new-release.yml index 5cad4b6..45456a9 100644 --- a/.github/workflows/new-release.yml +++ b/.github/workflows/new-release.yml @@ -11,13 +11,15 @@ concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true -permissions: read-all +permissions: + contents: read jobs: new-daily-release: runs-on: ubuntu-latest - permissions: write-all + permissions: + contents: write outputs: created: ${{ steps.daily-version.outputs.created }} diff --git a/.github/workflows/pre-commit-autoupdate.yml b/.github/workflows/pre-commit-autoupdate.yml index 55247ee..a44ab2d 100644 --- a/.github/workflows/pre-commit-autoupdate.yml +++ b/.github/workflows/pre-commit-autoupdate.yml @@ -12,7 +12,8 @@ concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true -permissions: read-all +permissions: + contents: read jobs: auto-update: diff --git a/.github/workflows/semantic-pr.yml b/.github/workflows/semantic-pr.yml index f882012..a4e7ab8 100644 --- a/.github/workflows/semantic-pr.yml +++ b/.github/workflows/semantic-pr.yml @@ -14,7 +14,8 @@ concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true -permissions: read-all +permissions: + pull-requests: read jobs: semantic-pr: diff --git a/.github/workflows/sync-labels.yml b/.github/workflows/sync-labels.yml index aab4089..09a5e85 100644 --- a/.github/workflows/sync-labels.yml +++ b/.github/workflows/sync-labels.yml @@ -19,7 +19,8 @@ concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true -permissions: read-all +permissions: + contents: read jobs: SyncLabels: diff --git a/.github/workflows/update-submodules.yml b/.github/workflows/update-submodules.yml index 9b304c1..a32d76f 100644 --- a/.github/workflows/update-submodules.yml +++ b/.github/workflows/update-submodules.yml @@ -12,13 +12,15 @@ concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true -permissions: read-all +permissions: + contents: read jobs: update-submodules: runs-on: ubuntu-latest - permissions: write-all + permissions: + contents: write steps: - name: Checkout repository