From 667f62aa331d2fe2ae93bf87b0ad297a97dcbcb0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pikach=C3=BA?= Date: Tue, 6 Feb 2024 08:00:30 +0000 Subject: [PATCH] change permissions for Github Token to read only --- .../azure-static-web-apps-gray-sand-07a10f403.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/azure-static-web-apps-gray-sand-07a10f403.yml b/.github/workflows/azure-static-web-apps-gray-sand-07a10f403.yml index c1747b15..7c39aebf 100644 --- a/.github/workflows/azure-static-web-apps-gray-sand-07a10f403.yml +++ b/.github/workflows/azure-static-web-apps-gray-sand-07a10f403.yml @@ -14,6 +14,13 @@ jobs: if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.action != 'closed') runs-on: ubuntu-latest name: Build and Deploy Job + permissions: + actions: read + contents: read + deployments: read + packages: none + pull-requests: write + security-events: write steps: - uses: actions/checkout@v2 with: