Merge pull request #3272 from sashashura/patch-2
GitHub Workflows security hardening
This commit is contained in:
Shao Yu-Lung (Allen)
4
.github/workflows/build-deploy-docs.yml
vendored
4
.github/workflows/build-deploy-docs.yml
vendored
@@ -8,8 +8,12 @@ on:
|
|||||||
- '.github/workflows/build-deploy-docs.yml'
|
- '.github/workflows/build-deploy-docs.yml'
|
||||||
- 'DOCUMENTATION/**'
|
- 'DOCUMENTATION/**'
|
||||||
|
|
||||||
|
permissions: {}
|
||||||
jobs:
|
jobs:
|
||||||
build-deploy-docs:
|
build-deploy-docs:
|
||||||
|
permissions:
|
||||||
|
contents: write # to push pages branch (peaceiris/actions-gh-pages)
|
||||||
|
|
||||||
if: github.repository == 'laradock/laradock'
|
if: github.repository == 'laradock/laradock'
|
||||||
runs-on: ubuntu-20.04
|
runs-on: ubuntu-20.04
|
||||||
concurrency:
|
concurrency:
|
||||||
|
|||||||
3
.github/workflows/main-ci.yml
vendored
3
.github/workflows/main-ci.yml
vendored
@@ -11,6 +11,9 @@ on:
|
|||||||
schedule:
|
schedule:
|
||||||
- cron: '0 0 * * 0'
|
- cron: '0 0 * * 0'
|
||||||
|
|
||||||
|
permissions:
|
||||||
|
contents: read # to fetch code (actions/checkout)
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
build-php:
|
build-php:
|
||||||
# Don't trigger on schedule event when in a fork
|
# Don't trigger on schedule event when in a fork
|
||||||
|
|||||||
Reference in New Issue
Block a user