From 364eeffcc45fd6c4b053a7fdc7d1c8598c45c565 Mon Sep 17 00:00:00 2001 From: Cindy Hill <110551331+cinderellasecure@users.noreply.github.com> Date: Thu, 30 Oct 2025 12:07:03 -0600 Subject: [PATCH 1/3] Potential fix for code scanning alert no. 3: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/lighthouse.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/lighthouse.yml b/.github/workflows/lighthouse.yml index 7cd07238..c7bb0d2c 100644 --- a/.github/workflows/lighthouse.yml +++ b/.github/workflows/lighthouse.yml @@ -1,4 +1,6 @@ name: Lighthouse +permissions: + contents: read on: [pull_request] From ee2e1379ba33a6c5e88eeae0446e61c36649f491 Mon Sep 17 00:00:00 2001 From: Cindy Hill <110551331+cinderellasecure@users.noreply.github.com> Date: Thu, 30 Oct 2025 12:07:04 -0600 Subject: [PATCH 2/3] Potential fix for code scanning alert no. 4: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/nodejs.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/nodejs.yml b/.github/workflows/nodejs.yml index 6d84019f..20993d56 100644 --- a/.github/workflows/nodejs.yml +++ b/.github/workflows/nodejs.yml @@ -1,4 +1,6 @@ name: Build +permissions: + contents: read on: pull_request: From 201fdab1b56a81c4c588b743bd54ca5207d37900 Mon Sep 17 00:00:00 2001 From: Cindy Hill <110551331+cinderellasecure@users.noreply.github.com> Date: Thu, 30 Oct 2025 12:07:05 -0600 Subject: [PATCH 3/3] Potential fix for code scanning alert no. 5: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/publish.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 264bdd37..fe88fc50 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -1,4 +1,6 @@ name: Publish +permissions: + contents: read on: release: