chore: Set permissions for GitHub actions (#3225) - searxng - Privacy-respecting federated metasearch engine

diff options

author	nathannaveen <42319948+nathannaveen@users.noreply.github.com>	2022-05-24 14:07:23 -0500
committer	Alexandre FLAMENT <alexandre.flament@hesge.ch>	2022-11-04 16:50:43 +0000
commit	b5ce39b5368f755329c3b0c4daa4245247deaa73 (patch)
tree	c37cbaa255a391cd93e457b47591e9e07e389d94 /SECURITY.md
parent	7101c5ecf2bcdc17b9050512c83c57cf721a451d (diff)
download	searxng-b5ce39b5368f755329c3b0c4daa4245247deaa73.tar.gz searxng-b5ce39b5368f755329c3b0c4daa4245247deaa73.zip

chore: Set permissions for GitHub actions (#3225)

Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much. - Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) Signed-off-by: nathannaveen <42319948+nathannaveen@users.noreply.github.com>

Diffstat (limited to 'SECURITY.md')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: