1
0
mirror of https://github.com/TeamNewPipe/NewPipe synced 2024-12-21 23:50:32 +00:00

Merge pull request #8569 from mhmdanas/add-workflow-permissions

Use minimum required permissions for GitHub workflows
This commit is contained in:
Stypox 2022-07-13 18:56:10 +02:00 committed by GitHub
commit 0b644fd794
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 21 additions and 1 deletions

View File

@ -31,6 +31,10 @@ on:
jobs:
build-and-test-jvm:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v3
- uses: gradle/wrapper-validation-action@v1
@ -64,6 +68,10 @@ jobs:
matrix:
# api-level 19 is min sdk, but throws errors related to desugaring
api-level: [ 21, 29 ]
permissions:
contents: read
steps:
- uses: actions/checkout@v3
@ -81,7 +89,7 @@ jobs:
# workaround to emulator bug: https://github.com/ReactiveCircus/android-emulator-runner/issues/160
emulator-build: 7425822
script: ./gradlew connectedCheck --stacktrace
- name: Upload test report when tests fail # because the printed out stacktrace (console) is too short, see also #7553
uses: actions/upload-artifact@v3
if: failure()
@ -91,6 +99,10 @@ jobs:
sonar:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: actions/checkout@v3
with:

View File

@ -6,6 +6,10 @@ on:
issues:
types: [opened, edited]
permissions:
issues: write
pull-requests: write
jobs:
try-minimize:
runs-on: ubuntu-latest

View File

@ -9,6 +9,10 @@ on:
# Run daily at midnight.
- cron: '0 0 * * *'
permissions:
issues: write
pull-requests: write
jobs:
noResponse:
runs-on: ubuntu-latest