From 7c488f801246548fd30419476ec93768a5438cf9 Mon Sep 17 00:00:00 2001 From: DanGould Date: Sat, 10 Aug 2024 12:44:53 -0400 Subject: [PATCH 1/2] Explicitly set security-audit permissions --- .github/workflows/security_audit.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/security_audit.yml b/.github/workflows/security_audit.yml index 7a2cfe3..ce24b19 100644 --- a/.github/workflows/security_audit.yml +++ b/.github/workflows/security_audit.yml @@ -9,6 +9,9 @@ on: jobs: security_audit: runs-on: ubuntu-latest + permissions: + contents: read + security-events: write steps: - uses: actions/checkout@v1 - uses: actions-rs/audit-check@v1 From 41c97cf28150f57614a9cb58cd9f9397354309eb Mon Sep 17 00:00:00 2001 From: DanGould Date: Sat, 10 Aug 2024 12:45:32 -0400 Subject: [PATCH 2/2] Pull request -> pull request target --- .github/workflows/security_audit.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/security_audit.yml b/.github/workflows/security_audit.yml index ce24b19..4f7f671 100644 --- a/.github/workflows/security_audit.yml +++ b/.github/workflows/security_audit.yml @@ -1,6 +1,6 @@ name: Security Audit on: - pull_request: + pull_request_target: paths: - '**/Cargo.toml' push: