write-all permission should not be used.
❌
name: test
jobs:
foo:
runs-on: ubuntu-latest
permissions: write-all # Don't use write-all
steps:
- run: echo foo⭕
name: test
jobs:
foo:
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- run: echo fooFor least privilege. You should grant only necessary permissions.