cgeek/nvm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[actions] restrict permissions for GITHUB_TOKEN

Browse Source
This commit is contained in:
Step Security
2021-09-10 06:09:45 +00:00
committed by Jordan Harband
parent 2dad0455ec
commit 59532c74c6
8 changed files with 32 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/latest-npm.yml vendored
View File

@@ -4,6 +4,8 @@ on: [pull_request, push]
jobs:
nodes:
permissions:
contents: read
name: 'nvm install-latest-npm'
runs-on: ubuntu-latest
@@ -44,6 +46,8 @@ jobs:
- run: npm --version
node:
permissions:
contents: none
name: 'nvm install-latest-npm'
needs: [nodes]
runs-on: ubuntu-latest