
ci(publish): security update at publish.yml #10

Merged

Conversation

JRocabruna
Member

Description

Restrict 'packages: write' permission to publish job in publish.yml

Checklist

Please ensure the following guidelines are met:

  • The code follows the style guidelines of this project.
  • A self-review has been performed on the code.
  • The code is well-documented, and comments have been added where necessary.
  • Tests have been added to prove that the fix is effective or that the feature works. All existing tests pass.
  • Commit messages follow the convention type(scope): description.
  • The pull request has no conflicts with the base branch.
  • Any dependent changes have been merged and published in downstream modules.

Additional Information

Please provide any additional information or context here. If applicable, add screenshots to help explain the changes.

Restrict 'packages: write' permission to publish job in publish.yml

- Set top-level permissions to 'contents: read' to follow the principle of least privilege.
- Scoped 'packages: write' permission to the 'publish' job to reduce security risks.
- Align workflow with GitHub's recommended security best practices.
@JRocabruna JRocabruna added the security Issues related to improving security. label Nov 15, 2024
@JRocabruna JRocabruna self-assigned this Nov 15, 2024
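As an added illustration (not the repository's actual publish.yml, which this page does not show), the shape of the change described above: a workflow that grants `packages: write` to every job, followed by the hardened form with a read-only top-level default and the write grant scoped to the publish job. Both files are shown back to back in one block, separated by `---`; the test command, the ghcr.io login and the image naming are assumptions.

```yaml
# BEFORE (weak): 'packages: write' is granted at the workflow level, so the
# GITHUB_TOKEN handed to *every* job, including the test job, can push
# packages. The jobs are the same as in the hardened version below.
name: publish
on:
  push:
    tags: ['v*']
permissions:
  contents: read
  packages: write
---
# AFTER (hardened): read-only default for the whole workflow; only the
# publish job receives 'packages: write'.
name: publish
on:
  push:
    tags: ['v*']
permissions:
  contents: read            # listing any scope sets every unlisted scope to 'none'

jobs:
  test:
    runs-on: ubuntu-latest  # inherits the read-only token
    steps:
      - uses: actions/checkout@v4
      - run: npm ci && npm test           # assumption: a Node project

  publish:
    needs: test
    runs-on: ubuntu-latest
    permissions:
      contents: read        # a job-level block replaces the top-level set,
      packages: write       # so 'contents: read' is repeated for checkout
    steps:
      - uses: actions/checkout@v4
      - uses: docker/login-action@v3      # assumption: image pushed to ghcr.io
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}   # scoped token, no PAT needed
      - run: |
          # ghcr.io requires a lowercase image name, so normalise the repo name
          IMAGE=$(echo "ghcr.io/${{ github.repository }}:${{ github.ref_name }}" | tr '[:upper:]' '[:lower:]')
          docker build -t "$IMAGE" .
          docker push "$IMAGE"
```

The effective scopes of the token can be confirmed in each run's "Set up job" log, which prints the GITHUB_TOKEN permissions the job actually received.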
Collaborator

@DarkRockMountain-admin DarkRockMountain-admin left a comment


Comments

The update to restrict 'packages: write' permission to the publish job in publish.yml enhances the security of the workflow by adhering to the principle of least privilege.

Review Checklist

  • Code adheres to the project's coding guidelines.
  • Changes are well-documented.
  • Tests have been added/updated and pass successfully.
  • Commit messages follow the correct format: type(scope): description.
  • No conflicts with the base branch.

Approval

Approved: Changes look good and meet the project's contribution standards.

@DarkRockMountain-admin DarkRockMountain-admin merged commit 101cdca into develop Nov 15, 2024
5 checks passed
@DarkRockMountain-admin DarkRockMountain-admin deleted the fix/restrict-packages-write-permission branch November 15, 2024 14:59