From 2619fc7d6d72f489c001b95a1bd36c04f24327ae Mon Sep 17 00:00:00 2001 From: "aikido-autofix[bot]" <119856028+aikido-autofix[bot]@users.noreply.github.com> Date: Tue, 7 Jul 2026 03:03:55 +0000 Subject: [PATCH] fix(security): autofix Overly Broad Permissions in GitHub Actions Workflows is risky --- .github/workflows/release.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3114ce8..2884262 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -5,13 +5,14 @@ on: tags: - 'v*' -permissions: - id-token: write # Required for OIDC trusted publishing - contents: write # Required for creating GitHub releases +permissions: {} jobs: publish: runs-on: ubuntu-latest + permissions: + id-token: write # Required for OIDC trusted publishing + contents: write # Required for creating GitHub releases steps: - name: Checkout uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2