From 20b719b603587dd311087ad338bb92836e534e6f Mon Sep 17 00:00:00 2001 From: Jibran Garcia Date: Wed, 25 Sep 2024 18:27:00 +0000 Subject: [PATCH] Set permissions for nodejs and publish workflows --- .github/workflows/nodejs.yml | 3 +++ .github/workflows/publish.yml | 5 +++++ 2 files changed, 8 insertions(+) diff --git a/.github/workflows/nodejs.yml b/.github/workflows/nodejs.yml index ab27d81..f6d1fb0 100644 --- a/.github/workflows/nodejs.yml +++ b/.github/workflows/nodejs.yml @@ -1,5 +1,7 @@ name: Node.js CI on: [push] +permissions: + contents: read jobs: build: runs-on: ubuntu-latest @@ -14,3 +16,4 @@ jobs: - run: npm test env: CI: true + diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index c1b229d..bb5f94c 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -4,6 +4,11 @@ on: release: types: [created] +permissions: + contents: read + packages: write + metadata: read + jobs: publish-npm: runs-on: ubuntu-latest