Potential fix for code scanning alert no. 8: Workflow does not contain permissions #46

Closed
thihathit wants to merge 2 commits into master from alert-autofix-8

@thihathit

Owner

Potential fix for https://github.com/thihathit/rutter/security/code-scanning/8

Add an explicit permissions block in .github/workflows/ci.yml at the workflow root (top-level), so all jobs inherit least-privilege defaults.
The best single change without altering intended functionality is to set:

  • contents: read

This satisfies checkout/read-only CI tasks and addresses CodeQL’s requirement. If any step later fails due to missing scopes, add only the specific additional permission needed at that job level.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@thihathit thihathit marked this pull request as ready for review May 24, 2026 07:47
@pkg-pr-new

pkg-pr-new Bot commented May 24, 2026

npm i https://pkg.pr.new/rutter@46

commit: 78fe97f

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@thihathit thihathit closed this May 24, 2026
@thihathit thihathit deleted the alert-autofix-8 branch May 24, 2026 07:50
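
The check behind the alert title, as an added example that is not part of the pull request, the project's code, or CodeQL's own query: a line-based scan that lists jobs covered by neither a workflow-level nor a job-level `permissions` key. The sample workflows, the job names and `jobs_without_permissions` are constructed for illustration, and the scan assumes block-style YAML with unquoted keys.

```python
import re

KEY = re.compile(r"([A-Za-z0-9_-]+)\s*:(\s|$)")

# Constructed sample workflow, not the repository's ci.yml.
BEFORE = """\
name: CI
on: [push]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
"""
# The fix described above: one block at the workflow root, inherited by every job.
AFTER = BEFORE.replace("jobs:", "permissions:\n  contents: read\njobs:", 1)
# Alternative placement: the same scope declared on the job itself.
JOB_LEVEL = BEFORE.replace("    runs-on:", "    permissions:\n      contents: read\n    runs-on:")


def jobs_without_permissions(text):
    """Job ids covered by neither a workflow-level nor a job-level permissions key."""
    workflow_level = in_jobs = False
    job_indent = key_indent = current = None
    has_own = {}  # job id -> job declares its own permissions key
    for line in text.splitlines():
        key = KEY.match(line.strip())
        if not key:
            continue  # blank lines, comments, list items and scalars carry no mapping key
        indent = len(line) - len(line.lstrip())
        name = key.group(1)
        if indent == 0:
            in_jobs = name == "jobs"
            workflow_level = workflow_level or name == "permissions"
        elif in_jobs:
            if job_indent is None:
                job_indent = indent  # indentation of the first job id
            if indent == job_indent:
                current, key_indent = name, None
                has_own[current] = False
            elif current is not None:
                if key_indent is None:
                    key_indent = indent  # indentation of the job's direct keys
                if indent == key_indent and name == "permissions":
                    has_own[current] = True
    if workflow_level:
        return []
    return [job for job, own in has_own.items() if not own]
```

Running it over `BEFORE` reports the `test` job, while `AFTER` and `JOB_LEVEL` report nothing.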