Merge pull request #3272 from sashashura/patch-2

GitHub Workflows security hardening
This commit is contained in:
Shao Yu-Lung (Allen) 2022-12-01 08:15:55 +08:00 committed by GitHub
commit 3226fb95cc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 0 deletions

View File

@ -8,8 +8,12 @@ on:
- '.github/workflows/build-deploy-docs.yml' - '.github/workflows/build-deploy-docs.yml'
- 'DOCUMENTATION/**' - 'DOCUMENTATION/**'
permissions: {}
jobs: jobs:
build-deploy-docs: build-deploy-docs:
permissions:
contents: write # to push pages branch (peaceiris/actions-gh-pages)
if: github.repository == 'laradock/laradock' if: github.repository == 'laradock/laradock'
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
concurrency: concurrency:

View File

@ -11,6 +11,9 @@ on:
schedule: schedule:
- cron: '0 0 * * 0' - cron: '0 0 * * 0'
permissions:
contents: read # to fetch code (actions/checkout)
jobs: jobs:
build-php: build-php:
# Don't trigger on schedule event when in a fork # Don't trigger on schedule event when in a fork