From 60324676f1b31b6d6c1e4ff33ab39df6e843895a Mon Sep 17 00:00:00 2001 From: Cindy Hill <110551331+cinderellasecure@users.noreply.github.com> Date: Tue, 4 Nov 2025 13:35:19 -0700 Subject: [PATCH 1/3] Potential fix for code scanning alert no. 3: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/nodejs.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/nodejs.yml b/.github/workflows/nodejs.yml index d947a49..42add4c 100644 --- a/.github/workflows/nodejs.yml +++ b/.github/workflows/nodejs.yml @@ -8,6 +8,8 @@ on: jobs: build: + permissions: + contents: read runs-on: ubuntu-22.04 steps: From 6081157471368698d90caede06dc2f27935f2596 Mon Sep 17 00:00:00 2001 From: Cindy Hill <110551331+cinderellasecure@users.noreply.github.com> Date: Tue, 4 Nov 2025 13:35:19 -0700 Subject: [PATCH 2/3] Potential fix for code scanning alert no. 4: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/publish.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index b73d739..94686e7 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -1,4 +1,6 @@ name: Publish +permissions: + contents: read on: release: From 7e76765cf802a3553974bf230e6346e9e5b3a857 Mon Sep 17 00:00:00 2001 From: Jason White Date: Thu, 6 Nov 2025 10:50:52 -0700 Subject: [PATCH 3/3] Update .github/workflows/publish.yml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- .github/workflows/publish.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 94686e7..dd1cd1d 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -1,6 +1,7 @@ name: Publish permissions: contents: read + packages: write on: release: