-
Notifications
You must be signed in to change notification settings - Fork 101
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Set permissions: contents: write
#347
Conversation
Codecov Report
@@ Coverage Diff @@
## master #347 +/- ##
=======================================
Coverage 94.76% 94.76%
=======================================
Files 20 20
Lines 630 630
=======================================
Hits 597 597
Misses 33 33 Continue to review full report at Codecov.
|
Thanks for the contribution, @rikhuijzer Looks like a few more files in More generally, are there more restricted permissions we could set then PkgTemplates is fairly widely used so whatever permissions we set here can end up being set across many packages, so i'd be keen to set the minimal required :) |
Yeah, I strongly recommend only giving the minimum necessary set of permissions. |
permissions: write-all
permissions: contents: write
Yes. Well spotted. Would you agree that permissions:
contents: write is good? This is now used at julia-actions/julia-docdeploy#21. I've tested it at https://github.com/rikhuijzer/DiscountedCashFlows.jl/commits/main commits 4f85500df75d6efc78e999ed78e201a17f74216d and d19106abd4de732fdecc8d64aa1e176058dc855c. |
Yeah, I think you'll also need to rebase this on Finally, if you bump the Project.toml version to the next non-breaking version, i'll make a release with this change as soon as it's merged Thanks again! |
permissions: | ||
contents: write |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure whether this is enough for the register action. The GitHub Actions scope elements are very poorly documented (e.g., https://github.blog/changelog/2021-04-20-github-actions-control-permissions-for-github_token/)
Great. Thanks for the instructions. I won't have time to continue working on this. If you want to get it merged quickly, then feel free to make some further adjustements |
thanks for your work, @rikhuijzer hopefully i can get this over the line from here. i must admit Github Actions is not something i'm too familiar with. I wonder if @DilumAluthge might be able to give this PR a review? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks again!
Setting
permissions: contents: write
is required in new repositories for theGITHUB_TOKEN
to work. See also JuliaDocs/Documenter.jl#1819 and julia-actions/julia-docdeploy#21Without it, people might get an error like
Please double-check whether I haven't missed a place in PkgTemplates.jl where this setting should be set too