-
Notifications
You must be signed in to change notification settings - Fork 12.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update azure-static-web-apps-ashy-river-0debb7803.yml #1265
base: main
Are you sure you want to change the base?
Conversation
Azure Static Web Apps: Your stage site is ready! Visit it here: https://ashy-river-0debb7803-1265.westeurope.1.azurestaticapps.net |
permissions: | ||
actions: read | ||
checks: write | ||
contents: read | ||
deployments: read | ||
pull-requests: write | ||
security-events: write |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems like this is the default recommendation but I don't think the token is used for security events for example. Can we reduce this to the minimum needed? From reading this workflow file it looks like it only needs to write back to PR comments
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @alfredodeza - Updated permissions for prs and actions only
Azure Static Web Apps: Your stage site is ready! Visit it here: https://ashy-river-0debb7803-1265.westeurope.1.azurestaticapps.net |
This PR has not seen any action for a while! Closing for now, but it can be reopened at a later date. |
https://docs.opensource.microsoft.com/github/apps/permission-changes/
Starting February 1, 2024 the default permission for the GITHUB_TOKEN will change from Read/Write to Read-only for all our Open Source GitHub orgs. This is a breaking change to many workflows.