Skip to content

Commit

Permalink
[#1559] SECURITY: Fix code scanning alert - Token-Permissions in code…
Browse files Browse the repository at this point in the history 
…ql-analysis.yml

Closes #1559
  • Loading branch information
@remkop
remkop committed Jan 31, 2022
1 parent 93d88fe commit 22c2d94
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 0 deletions.
2 changes: 2 additions & 0 deletions .github/workflows/codeql-analysis.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,8 @@ on:
schedule:
- cron: '37 2 * * 5'

permissions: read-all

jobs:
analyze:
name: Analyze
Expand Down
1 change: 1 addition & 0 deletions RELEASE-NOTES.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,7 @@ Picocli follows [semantic versioning](http://semver.org/).
* [#1555] SECURITY: Fix code scanning alert - Create SECURITY.md
* [#1556][#1557] SECURITY: Fix code scanning alert - SAST
* [#1558] SECURITY: Fix code scanning alert - Pinned-Dependencies in codeql-analysis.yml
* [#1559] SECURITY: Fix code scanning alert - Token-Permissions in codeql-analysis.yml
* [#1491] BUILD: Add build job in CI; Thanks to [Goooler](https://github.com/Goooler) for the pull request.
* [#1482] BUILD: Optimize gradle; Thanks to [Goooler](https://github.com/Goooler) for the pull request.
* [#1461] BUILD: Allow publishing without signing for non-release versions. Thanks to [Andreas Deininger](https://github.com/deining) for raising this.
Expand Down

0 comments on commit 22c2d94

Please sign in to comment.