Skip to content

Potential fix for code scanning alert no. 11: Workflow does not contain permissions#56

Merged
mircomir merged 1 commit into
masterfrom
alert-autofix-11
Jul 9, 2026
Merged

Potential fix for code scanning alert no. 11: Workflow does not contain permissions#56
mircomir merged 1 commit into
masterfrom
alert-autofix-11

Conversation

@mircomir

@mircomir mircomir commented Jul 9, 2026

Copy link
Copy Markdown
Owner

Potential fix for https://github.com/mircomir/jxrlib/security/code-scanning/11

Add an explicit permissions block to the workflow file .github/workflows/c-cpp.yml at the top level (recommended here since there is only one job). Set least privilege required for current behavior:

  • contents: read

This preserves existing functionality (actions/checkout and make) while constraining GITHUB_TOKEN permissions.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

…in permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@mircomir mircomir marked this pull request as ready for review July 9, 2026 14:08
@mircomir mircomir merged commit fdf6bc4 into master Jul 9, 2026
4 checks passed
@mircomir mircomir deleted the alert-autofix-11 branch July 9, 2026 14:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant