Skip to content

ci: set minimum token permissions on main#2

Open
arpitjain099 wants to merge 1 commit into
pandas-dev:masterfrom
arpitjain099:chore/declare-workflow-perms
Open

ci: set minimum token permissions on main#2
arpitjain099 wants to merge 1 commit into
pandas-dev:masterfrom
arpitjain099:chore/declare-workflow-perms

Conversation

@arpitjain099
Copy link
Copy Markdown

@arpitjain099 arpitjain099 commented May 26, 2026

Declares permissions: contents: read at the workflow level for main.yml.

The doc preview workflow is read-only. Setting an explicit minimum scope follows GitHub's hardening guide and the OpenSSF Scorecard Token-Permissions check, and limits blast radius if any third-party action used here is ever compromised (the March 2025 tj-actions/changed-files token-leak incident).

YAML parses cleanly. No other changes.

@arpitjain099
ci: set minimum token permissions on main
493049d 
Signed-off-by: Arpit Jain <arpitjain099@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@arpitjain099