Skip to content

Commit fe293fd

Browse files
authored
refactor(ci): update centralized workflow references to common- prefix (#82)
* refactor(ci): update centralized workflow references to common- prefix check-semantic-pr.yml and build-docs.yml were renamed to common-check-semantic-pr.yml and common-build-docs.yml in reqstool/.github as part of the workflow directory flatten refactor. Signed-off-by: Jimisola Laursen <jimisola@jimisola.com> * fix(ci): add explicit permissions blocks to workflow wrappers Fixes CodeQL alert: workflow does not limit GITHUB_TOKEN permissions. Signed-off-by: Jimisola Laursen <jimisola@jimisola.com> --------- Signed-off-by: Jimisola Laursen <jimisola@jimisola.com>
1 parent 6cb629b commit fe293fd

2 files changed

Lines changed: 8 additions & 2 deletions

File tree

.github/workflows/build-docs.yml

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,9 @@ on:
1010
paths:
1111
- "docs/**"
1212

13+
permissions:
14+
contents: read
15+
1316
jobs:
1417
build:
15-
uses: reqstool/.github/.github/workflows/build-docs.yml@main
18+
uses: reqstool/.github/.github/workflows/common-build-docs.yml@main

.github/workflows/check-semantic-pr.yml

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,9 @@ on:
55
pull_request_target:
66
types: [opened, edited, synchronize, reopened]
77

8+
permissions:
9+
pull-requests: read
10+
811
jobs:
912
check:
10-
uses: reqstool/.github/.github/workflows/check-semantic-pr.yml@main
13+
uses: reqstool/.github/.github/workflows/common-check-semantic-pr.yml@main

0 commit comments

Comments
 (0)