Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Scope app token to only this repo for security #501

Merged
merged 1 commit into from
Mar 21, 2024

Conversation

jeffwidman
Copy link
Member

#442 bumped to a new version of this action which now supports a "repositories" key that scopes the token to the designated repositories.

#442 bumped to a new version
of this action which now supports a `"repositories"` key that scopes the token
to the designated repositories.
@jeffwidman jeffwidman requested a review from a team as a code owner March 21, 2024 03:49
@jeffwidman
Copy link
Member Author

I don't think this is a big deal either way, but it can't hurt and since I saw the note about it while merging #442, thought I'd throw this up there as well.

@jeffwidman
Copy link
Member Author

CI won't check this, we'll only find out if it's working when we try to build/do a release... but again, not a big risk because easy to revert if we run into problems.

@jeffwidman jeffwidman merged commit 3e1bcb9 into main Mar 21, 2024
6 checks passed
@jeffwidman jeffwidman deleted the scope-token-to-only-this-repo branch March 21, 2024 04:19
jeffwidman added a commit that referenced this pull request Mar 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants