verdnatura-mirror
/
loopback-datasource-juggler
mirror of https://github.com/loopbackio/loopback-datasource-juggler
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

ci: restrict GITHUB_TOKEN permissions 

Signed-off-by: Rifa Achrinza <25147899+achrinza@users.noreply.github.com>
This commit is contained in:
Rifa Achrinza 2021-09-11 14:05:53 +08:00
parent 5aa2d71a23
commit 9a58695740
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.github/workflows/ci.yaml vendored
View File

@ -9,6 +9,8 @@ on:
schedule: schedule:
- cron: '0 2 * * 1' # At 02:00 on Monday - cron: '0 2 * * 1' # At 02:00 on Monday
permissions: {}
jobs: jobs:
test: test:
name: Test name: Test
@ -102,6 +104,11 @@ jobs:
codeql: codeql:
name: CodeQL name: CodeQL
runs-on: ubuntu-latest runs-on: ubuntu-latest
permissions:
# See: https://github.com/github/codeql-action/blob/008b2cc71c4cf3401f45919d8eede44a65b4a322/README.md#usage
security-events: write
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v2 uses: actions/checkout@v2