Reducing security risk in our GitHub workflows #125
Comments
As a precaution for JupyterLab Desktop, can we harden its publish action? CC @mbektas:
Or maybe some of these are not needed in the first place.
At
I think these changes make sense for precaution.
@conda-incubator/setup-miniconda maintainer creator here 😶 ... no pressure 😆
We have switched the default behavior for this org to "Workflows have read permissions in the repository for the contents scope only" to utilize GitHub Actions: Control permissions for GITHUB_TOKEN. See also jupyterhub/team-compass#404
An example PR that allows fine-grained permissions is jupyterlab/jupyterlab#10136.
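
Added example, not part of the original issue and not taken from the project's workflows: a sketch of what fine-grained `GITHUB_TOKEN` permissions look like in a workflow file, with a read-only default at the top level and write access granted to a single job. The workflow name, job names, trigger and script paths are assumptions made for illustration.

```yaml
# Hypothetical file: .github/workflows/publish.yml (constructed for illustration)
name: Publish
on:
  release:
    types: [published]

# Workflow-level default: every job receives a token that can only read
# repository contents. Scopes not listed here are set to "none".
permissions:
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest
    # Inherits the workflow-level block, so steps here (including any
    # third-party actions) cannot push commits, tags or releases.
    steps:
      - uses: actions/checkout@v4
      - run: ./scripts/build.sh            # placeholder build step

  publish:
    needs: build
    runs-on: ubuntu-latest
    # Job-level block replaces the default for this job only.
    # Write access is limited to the one scope the upload needs.
    permissions:
      contents: write
    steps:
      - uses: actions/checkout@v4
      - run: ./scripts/upload-assets.sh    # placeholder publish step
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
```

With the org-level default already set to read-only for contents, the top-level block is redundant but keeps the workflow safe if it is copied to a fork or another org with a more permissive default.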