Skip to content

Specified default permissions for move-closed-issues.yaml#8696

Open
egcuriel wants to merge 1 commit into
hackforla:gh-pagesfrom
egcuriel:8584-specify-default-permissions
Open

Specified default permissions for move-closed-issues.yaml#8696
egcuriel wants to merge 1 commit into
hackforla:gh-pagesfrom
egcuriel:8584-specify-default-permissions

Conversation

@egcuriel

@egcuriel egcuriel commented Jun 10, 2026
edited
Loading

Copy link
Copy Markdown
Member

Fixes #8584

What changes did you make?

  • Added a top-level permissions: block to the .github/workflows/move-closed-issues.yaml file
  • Set the default contents permission to read

Why did you make the changes (we will use this info to test)?

  • To align the workflow with GitHub security recommendations by explicitly defining minimum required permissions
  • To minimize unnecessary privileges by restricting default repository access

CodeQL Alerts

After the PR has been submitted and the resulting GitHub actions/checks have been completed, developers should check the PR for CodeQL alert annotations.

Check the PR's comments. If present on your PR, the CodeQL alert looks similar as shown

Screenshot 2024-10-28 154514

Please let us know that you have checked for CodeQL alerts. Please do not dismiss alerts.

  • I have checked this PR for CodeQL alerts and none were found.
  • I found CodeQL alert(s), and (select one):
    • I have resolved the CodeQL alert(s) as noted
    • I believe the CodeQL alert(s) is a false positive (Merge Team will evaluate)
    • I have followed the Instructions below, but I am still stuck (Merge Team will evaluate)
Instructions for resolving CodeQL alerts

If CodeQL alert/annotations appear, refer to How to Resolve CodeQL alerts.

In general, CodeQL alerts should be resolved prior to PR reviews and merging

Screenshots of Proposed Changes To The Website (if any, please do not include screenshots of code changes)

  • No visual changes

Test Log

@HackforLABot HackforLABot mentioned this pull request Jun 10, 2026
Open
@github-actions

github-actions Bot commented Jun 10, 2026

Copy link
Copy Markdown

Want to review this pull request? Take a look at this documentation for a step by step guide!

From your project repository, check out a new branch and test the changes.

git checkout -b egcuriel-8584-specify-default-permissions gh-pages
git pull https://github.com/egcuriel/website.git 8584-specify-default-permissions

@github-actions github-actions Bot added role: back end/devOps Tasks for back-end developers Complexity: Medium Feature: Refactor GHA Refactoring GitHub actions to fit latest architectural norms size: 5pt Can be done in 19-30 hours labels Jun 10, 2026
@sushma110396 sushma110396 self-requested a review June 10, 2026 16:18
@sushma110396

sushma110396 commented Jun 10, 2026

Copy link
Copy Markdown
Member

ETA: 06/10 EOD
Availability: Weekdays after 6PM PST

@HackforLABot HackforLABot mentioned this pull request Jun 10, 2026
Open
sushma110396
sushma110396 approved these changes Jun 10, 2026
View reviewed changes

@sushma110396 sushma110396 left a comment
edited
Loading

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Verified the change locally. Simulated the workflow using act.

What works well:
Branch name is correct
Code change is correct
The testing details provided clearly show the job ran successfully and verifies the fix.
The issue has been linked
Codeql alerts have been checked off

PR looks good to me. Approved!

Suggestions
Just a small reminder to update the status of the issue to in progress from prioritized backlog.

@egcuriel

egcuriel commented Jun 11, 2026

Copy link
Copy Markdown
Member Author

Verified the change locally. Simulated the workflow using act.

What works well: Branch name is correct Code change is correct The testing details provided clearly show the job ran successfully and verifies the fix. The issue has been linked Codeql alerts have been checked off

PR looks good to me. Approved!

Suggestions Just a small reminder to update the status of the issue to in progress from prioritized backlog.

Hi @sushma110396!
Ah yes! Thank you for reminding me

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sushma110396 sushma110396 sushma110396 approved these changes

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

Complexity: Medium Feature: Refactor GHA Refactoring GitHub actions to fit latest architectural norms role: back end/devOps Tasks for back-end developers size: 5pt Can be done in 19-30 hours

Projects

P: HfLA Website: Project Board
Status: PR Needs review

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Specify default permissions for move-closed-issues.yaml

2 participants

@egcuriel @sushma110396