Potential fix for code scanning alert no. 2: Workflow does not contain permissions #34

Merged: beebus merged 1 commit into main from alert-autofix-2 on May 17, 2026

beebus (Owner) commented May 17, 2026

Potential fix for https://github.com/beebus/dnd-interactive-maps/security/code-scanning/2

Add an explicit permissions block to the workflow, scoped to the minimum needed by this job:

  • contents: read for actions/checkout.
  • issues: write because the workflow explicitly creates a GitHub issue when Bandit findings exist.

Best single fix without changing functionality: add the permissions at the workflow root (after on:), so all jobs inherit safe defaults unless overridden. In this file, edit .github/workflows/code-quality.yml near lines 3–5 to insert:

permissions:
  contents: read
  issues: write

No imports, methods, or dependency changes are needed.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.
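
An added example, not part of this pull request or the repository's code: a line-based Python check that reports jobs running without any explicit permissions key, at either the workflow root or the job level, which is the condition named in the alert title. The workflow snippets are constructed, the function name jobs_without_permissions is hypothetical, and the check assumes block-style YAML.

```python
import re

# Constructed workflows for illustration; not the repository's code-quality.yml.
BEFORE = """\
on: [push]
jobs:
  bandit:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
"""
# Same workflow with the root-level block proposed in the pull request.
AFTER = BEFORE.replace("jobs:", "permissions:\n  contents: read\n  issues: write\njobs:", 1)
# No root block; a second job scopes its own permissions, the first still has none.
JOB_SCOPED = BEFORE + "  report:\n    permissions:\n      issues: write\n    runs-on: ubuntu-latest\n"

KEY = re.compile(r"^( *)([A-Za-z_][A-Za-z0-9_-]*) *:")

def jobs_without_permissions(text):
    """Job ids with neither a workflow-level nor a job-level permissions key.

    Line-based check for block-style YAML (an assumption); not a full YAML parser.
    """
    root_perms, in_jobs = False, False
    job_indent = child_indent = current = None
    has_perms = {}  # job id -> declares its own permissions
    for line in text.splitlines():
        m = KEY.match(line)
        if not m:
            continue  # blank lines, comments, list items
        indent, key = len(m.group(1)), m.group(2)
        if indent == 0:
            in_jobs, current = key == "jobs", None
            root_perms = root_perms or key == "permissions"
        elif in_jobs:
            if job_indent is None:
                job_indent = indent
            if indent == job_indent:  # a job id directly under jobs:
                current, child_indent = key, None
                has_perms[key] = False
            elif current is not None:
                if child_indent is None:
                    child_indent = indent
                # Only a direct child of the job counts, not a nested key.
                if indent == child_indent and key == "permissions":
                    has_perms[current] = True
    if root_perms:
        return []  # every job inherits the workflow-level block
    return [job for job, ok in has_perms.items() if not ok]
```

Run over each file under .github/workflows, a non-empty result identifies jobs that still fall back to the repository's default token permissions.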

…n permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
beebus self-assigned this May 17, 2026
beebus marked this pull request as ready for review May 17, 2026 16:28
beebus merged commit 4634a85 into main May 17, 2026
6 checks passed
beebus deleted the alert-autofix-2 branch May 17, 2026 16:29