Add read permissions to GitHub workflow files

This commit adds read permissions for 'contents' in the GitHub workflow files sonarqube.yml and reuse.yml. This allows these specific workflows to access the relevant contents they need for execution.
wneessen · Mar 23, 2024 · c78388a · c78388a
1 parent 976adc5
commit c78388a
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 0 deletions.
diff --git a/.github/workflows/reuse.yml b/.github/workflows/reuse.yml
@@ -6,6 +6,9 @@ name: REUSE Compliance Check
 
 on: [push, pull_request]
 
+permissions:
+ contents: read
+
 jobs:
  test:
  runs-on: ubuntu-latest

diff --git a/.github/workflows/sonarqube.yml b/.github/workflows/sonarqube.yml
@@ -3,6 +3,10 @@
 # SPDX-License-Identifier: CC0-1.0
 
 name: SonarQube
+
+permissions:
+ contents: read
+
 on:
  push:
  branches: