Remove GHA permissions where possible (#4812)

2024-11-22 08:25:07 +03:00 · 2024-01-11 15:05:04 -05:00 · 2024-01-11 15:05:04 -05:00 · 3ad1bb655a
commit 3ad1bb655a
parent 53548a46b8
2 changed files with 5 additions and 1 deletions
--- a/.github/workflows/ci-squared.yml
+++ b/.github/workflows/ci-squared.yml
@ -5,7 +5,7 @@ on:
  pull_request:
    paths:
      - .github/workflows/pkg.yml
-      - .github/workflows/pkg-for-platform.yml
+      - .github/workflows/pkg-platform.yml
      - .github/workflows/ci-squared.yml
 concurrency:
--- a/.github/workflows/pkg-platform.yml
+++ b/.github/workflows/pkg-platform.yml
@ -59,6 +59,7 @@ jobs:
    name: build ${{inputs.tinyname}}
    runs-on: ${{ fromJSON(inputs.os) }}
    container: ${{ inputs.container }}
    permissions: {}
    outputs:
      project: ${{ steps.build.outputs.project }}
      version: ${{ steps.build.outputs.version }}
@ -100,6 +101,7 @@ jobs:
      matrix:
        os: ${{ fromJSON(inputs.test-os) }}
        container: ${{ fromJSON(inputs.test-container) }}
    permissions: {}
    runs-on: ${{ matrix.os }}
    container: ${{ matrix.container }}
    env:
@ -117,6 +119,7 @@ jobs:
  bottle:
    name: bottle (${{inputs.tinyname}}.${{matrix.compression}})
    needs: [build, test]
    permissions: {}
    strategy:
      matrix:
        compression: [xz, gz]
@ -188,6 +191,7 @@ jobs:
    name: publish ${{inputs.tinyname}} ${{ inputs.dry-run && '(dry-run)' }}
    runs-on: ubuntu-latest
    needs: [bottle, build]
    permissions: {}
    env:
      DIRNAME: ${{ needs.build.outputs.project }}/${{ needs.build.outputs.platform }}/${{ needs.build.outputs.arch }}
    steps: