Skip to content

Potential fix for code scanning alert no. 2: Workflow does not contain permissions#28

Merged
sreenathnair merged 1 commit into
mainfrom
alert-autofix-2
Jun 11, 2026
Merged

Potential fix for code scanning alert no. 2: Workflow does not contain permissions#28
sreenathnair merged 1 commit into
mainfrom
alert-autofix-2

Conversation

@sreenathnair

Copy link
Copy Markdown
Member

Potential fix for https://github.com/PDBeurope/AFDB-Integration-Kit/security/code-scanning/2

Add an explicit top-level permissions block in .github/workflows/docker.yml so all jobs inherit least-privilege defaults.
Best single fix without changing behavior: set:

  • contents: read

This is the minimal permission needed for actions/checkout and aligns with CodeQL guidance. No new imports, methods, or dependencies are needed—just YAML workflow configuration.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

…n permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@sreenathnair sreenathnair marked this pull request as ready for review June 11, 2026 10:05
@sreenathnair sreenathnair merged commit 8b47f02 into main Jun 11, 2026
9 checks passed
@sreenathnair sreenathnair deleted the alert-autofix-2 branch June 11, 2026 10:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant