wroclaw-git-backups/nix
1
0
Fork 0
mirror of https://github.com/NixOS/nix synced 2025-06-29 10:31:15 +02:00
Code Activity

Restrict permissions

Browse source
This commit is contained in:
Eelco Dolstra 2025-02-21 02:07:16 +01:00
parent 53c03a0161
commit dece94fe25
1 changed files with 6 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

9
.github/workflows/ci.yml vendored
View file

@ -12,9 +12,6 @@ on:
permissions: permissions:
id-token: "write" id-token: "write"
contents: "read" contents: "read"
pull-requests: "write"
statuses: "write"
deployments: "write"
jobs: jobs:
eval: eval:
@ -142,6 +139,12 @@ jobs:
if: github.event_name != 'merge_group' if: github.event_name != 'merge_group'
needs: build_x86_64-linux needs: build_x86_64-linux
runs-on: blacksmith runs-on: blacksmith
permissions:
id-token: "write"
contents: "read"
pull-requests: "write"
statuses: "write"
deployments: "write"
steps: steps:
- name: Checkout nix - name: Checkout nix
uses: actions/checkout@v4 uses: actions/checkout@v4