Added permissions to override repo/org settings w/ least privileges…

… required for improved security (https://cwe.mitre.org/data/definitions/275.html)
KudoAI · Jan 11, 2025 · 2c851d0 · 2c851d0
1 parent 822f3c3
commit 2c851d0
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 0 deletions.
diff --git a/.github/workflows/lint-on-push-pr.yml b/.github/workflows/lint-on-push-pr.yml
@@ -1,6 +1,9 @@
 name: Lint pushes + PRs
 on: [push, pull_request]
 
+permissions:
+  contents: read
+
 jobs:
 
   js-json-md-yaml-lint:

diff --git a/.github/workflows/sync-changes.yml b/.github/workflows/sync-changes.yml
@@ -5,6 +5,9 @@ on:
     branches: [main]
     paths: ["**", "!.*"]
 
+permissions:
+  contents: read
+
 jobs:
   build:
     if: (github.repository == 'KudoAI/duckduckgpt') && (github.event.commits[0].committer.username != 'kudo-sync-bot')