diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 511a0f5..4ae8aaf 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -21,6 +21,8 @@ on: pull_request: branches: [master, main] +permissions: none + ############### # Set the Job # ############### @@ -31,9 +33,10 @@ jobs: # Set the agent to run on runs-on: ubuntu-latest - # Set top-level permissions to read-only permissions: contents: read + packages: read + statuses: write ################## # Load all steps # @@ -45,7 +48,9 @@ jobs: - name: Checkout Code uses: actions/checkout@v4 with: - fetch-depth: 0 # Full git history for proper analysis + # Full git history is needed to get a proper + # list of changed files within `super-linter` + fetch-depth: 0 ################################ # Run Linter against code base # @@ -55,5 +60,3 @@ jobs: env: DEFAULT_BRANCH: main GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - permissions: - contents: write # Specific permission for this step if necessary