Investigate what permissions are needed for our Github actions.

Question

Investigate what permissions are needed for our Github actions.

Closed this issue 19 days ago · 1 comments

🐛 Security

Scorecard mentions that Github actions shouldn't just blankly have read and write permissions. I think some make sense to have full access while other don't need full read and write access.

Github outlines what permissions should be assigned for actions.

Here's also a link about permissions in github actions

Answer 1 · 2024-07-08T17:09:23.000Z

Spiked, are actions need read and write and they're written by us.