Commit Graph

4 Commits

Author SHA1 Message Date
neilnaveen
83ecc3f46c
chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if attackers succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: neilnaveen <42328488+neilnaveen@users.noreply.github.com>
2022-06-25 15:32:33 +02:00
Tim van der Meij
349fc51f2c
Update GitHub Actions workflow steps to the most recent versions
2022-04-02 16:21:43 +02:00
tiziodcaio
1a380b5736
Update Checkout to version 3
Uses node 16 as default
2022-03-11 14:35:06 +01:00
Tim van der Meij
574fed2bdf
Improve the code analysis workflow with quality checks
This allows us to get the quality checks that LGTM does into GitHub
Advanced Security. Since it not only runs security checks anymore, the
workflow is also renamed to CodeQL to make this more explicit (and this
matches the documentation better).
2021-07-31 15:33:07 +02:00