Add read permissions to GitHub workflows

The reuse and docker-publish workflow scripts in GitHub Actions have been updated. Now these scripts have permission to read contents. This will ensure secure access and controlled operations on repositories.
This commit is contained in:
Winni Neessen 2024-03-17 20:16:27 +01:00
parent ba891efd37
commit ef8e334df0
Signed by: wneessen
GPG key ID: 5F3AF39B820C119D
2 changed files with 5 additions and 0 deletions

View file

@ -19,6 +19,9 @@ on:
pull_request: pull_request:
branches: [ main ] branches: [ main ]
permissions:
contents: read
env: env:
# Use docker.io for Docker Hub if empty # Use docker.io for Docker Hub if empty
REGISTRY: ghcr.io REGISTRY: ghcr.io

View file

@ -3,6 +3,8 @@
# SPDX-License-Identifier: CC0-1.0 # SPDX-License-Identifier: CC0-1.0
name: REUSE Compliance Check name: REUSE Compliance Check
permissions:
contents: read
on: [push, pull_request] on: [push, pull_request]