[Security] Token permissions no. 2

2024-12-22 00:33:41 +01:00
parent b86eac20ea
commit f29d4db31e
10 changed files with 36 additions and 27 deletions
--- a/.github/workflows/PR-Demo-cleanup.yml
+++ b/.github/workflows/PR-Demo-cleanup.yml
@@ -4,9 +4,7 @@ on:
  pull_request:
    types: [opened, synchronize, reopened, closed]

-permissions:
-  contents: write
-  pull-requests: write
+permissions: read-all

 env:
  SERVER_IP: ${{ secrets.VPS_IP }}  # Add this to your GitHub secrets
@@ -15,6 +13,9 @@ env:
 jobs:
  cleanup:
    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
    if: github.event.action == 'closed'

    steps: