shadowfacts/fonttools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,646 Commits 1 Branch 0 Tags
Commit Graph

4 Commits

Author SHA1 Message Date
nathannaveen
83f69028a3 chore: Set permissions for GitHub actions 
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: nathannaveen <42319948+nathannaveen@users.noreply.github.com>
 2022-06-23 00:58:26 +00:00
Nikolaus Waxweiler
40015efe60 Update GitHub Actions 2022-04-26 11:16:49 +01:00
Cosimo Lupo
4af216dde4
publish.yml: fix tag pattern 
we don't use the leading 'v' for fonttools tags
 2020-12-04 19:32:05 +00:00
Nikolaus Waxweiler
018a798fdd Add GitHub Actions integration 2020-11-20 10:06:27 +00:00