Skip to content

Commit f71dde2

Browse files
bashandbonebashandbone
committed
Update permissions structure in release workflow
1 parent 660e387 commit f71dde2

File tree

1 file changed

+10
-5
lines changed

1 file changed

+10
-5
lines changed

.github/workflows/release.yml

Lines changed: 10 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -4,10 +4,6 @@
44

55
name: Release
66

7-
permissions:
8-
contents: write
9-
id-token: write
10-
117
on:
128
push:
139
tags:
@@ -19,6 +15,8 @@ env:
1915
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
2016

2117
jobs:
18+
permissions:
19+
contents: write
2220
create-release:
2321
runs-on: ubuntu-latest
2422
steps:
@@ -33,6 +31,8 @@ jobs:
3331
build:
3432
runs-on: ${{ matrix.os }}
3533
needs: [create-release]
34+
permissions:
35+
contents: write
3636
strategy:
3737
fail-fast: false
3838
matrix:
@@ -71,6 +71,8 @@ jobs:
7171
name: Create GitHub Release
7272
needs: [build, publish]
7373
runs-on: ubuntu-latest
74+
permissions:
75+
contents: write
7476
steps:
7577
- uses: actions/checkout@v6
7678

@@ -96,8 +98,11 @@ jobs:
9698
needs: [build]
9799
runs-on: ubuntu-latest
98100
environment: cratesio
101+
permissions:
102+
contents: read
103+
id-token: write
99104
steps:
100-
- uses: actions/checkout@v4
105+
- uses: actions/checkout@v6
101106
with:
102107
submodules: recursive
103108
- uses: actions-rs/toolchain@v1

0 commit comments

Comments
 (0)