Home Explore Help
Register Sign In
FangSoftSoft
/
Marked
mirror of https://github.com/markedjs/marked.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

GitHub Workflows security hardening (#2570)

Update tests.yml

Signed-off-by: sashashura <93376818+sashashura@users.noreply.github.com>

Signed-off-by: sashashura <93376818+sashashura@users.noreply.github.com>
Alex 3 years ago
parent
a22280cf3e
commit
d1523c8541
1 changed files with 5 additions and 0 deletions
Unified View Show Diff Stats
  1. 5 0
      .github/workflows/tests.yml

+ 5 - 0
.github/workflows/tests.yml
View File 

@@ -5,6 +5,9 @@ on:
 
     branches:
 
     branches:
 
       - master
 
       - master
 
 
 
+permissions:
 
+  contents: read
 
+
 
 jobs:
 
 jobs:
 
   Test:
 
   Test:
 
     if: "!contains(github.event.head_commit.message, '[skip ci]')"
 
     if: "!contains(github.event.head_commit.message, '[skip ci]')"
 
@@ -39,6 +42,8 @@ jobs:
 
         run: npm run test:lint
 
         run: npm run test:lint
 
 
 
   Release:
 
   Release:
 
+    permissions:
 
+      contents: write
 
     needs: [Test, Lint]
 
     needs: [Test, Lint]
 
     if: |
 
     if: |
 
       github.ref == 'refs/heads/master' &&
 
       github.ref == 'refs/heads/master' &&