From f5ebce6d68c5162da9cbe4fcd1ad91b8a0b1ecd7 Mon Sep 17 00:00:00 2001
From: Jussi Kukkonen <jku@goto.fi>
Date: Wed, 3 Nov 2021 23:38:07 +0200
Subject: [PATCH] docs(config): avoid over-exposing GITHUB_TOKEN (#332)

The GITHUB_TOKEN in this example _should_ be just read-only token but in any case secrets should not be exposed to code that does not need them. In this case pip does not need to authenticate to GitHub.
---
 docs/usage/configuration.rst | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/docs/usage/configuration.rst b/docs/usage/configuration.rst
index f816bc61..fae9d6a1 100644
--- a/docs/usage/configuration.rst
+++ b/docs/usage/configuration.rst
@@ -121,10 +121,10 @@ parallel build is finished::
         runs-on: ubuntu-latest
         container: python:3-slim
         steps:
+        - name: Install coveralls
+          run: pip3 install --upgrade coveralls
         - name: Finished
-          run: |
-            pip3 install --upgrade coveralls
-            coveralls --service=github --finish
+          run: coveralls --service=github --finish
           env:
             GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}