mirror of
https://github.com/decke/smtprelay.git
synced 2026-04-25 12:55:54 +03:00
[PR #178] [MERGED] [StepSecurity] ci: Harden GitHub Actions #181
Labels
No labels
bug
pull-request
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/smtprelay#181
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
📋 Pull Request Information
Original PR: https://github.com/decke/smtprelay/pull/178
Author: @step-security-bot
Created: 2/4/2025
Status: ✅ Merged
Merged: 2/4/2025
Merged by: @decke
Base:
master← Head:stepsecurity_remediation_1738661311📝 Commits (1)
d1415c5[StepSecurity] ci: Harden GitHub Actions📊 Changes
1 file changed (+3 additions, -0 deletions)
View changed files
📝
.github/workflows/codeql-analysis.yml(+3 -0)📄 Description
Summary
This pull request is created by StepSecurity at the request of @decke. Please merge the Pull Request to incorporate the requested changes. Please tag @decke on your message if you have any questions related to the PR.
Security Fixes
Least Privileged GitHub Actions Token Permissions
The GITHUB_TOKEN is an automatically generated secret to make authenticated calls to the GitHub API. GitHub recommends setting minimum token permissions for the GITHUB_TOKEN.
Feedback
For bug reports, feature requests, and general feedback; please email support@stepsecurity.io. To create such PRs, please visit https://app.stepsecurity.io/securerepo.
Signed-off-by: StepSecurity Bot bot@stepsecurity.io
🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.