Skip to content

fix: add readonly permissions to workflow#503

Open
imor wants to merge 1 commit into
masterfrom
rs/add-missing-permissions
Open

fix: add readonly permissions to workflow#503
imor wants to merge 1 commit into
masterfrom
rs/add-missing-permissions

Conversation

@imor

@imor imor commented Jul 18, 2026

Copy link
Copy Markdown
Contributor

Fix for https://github.com/supabase/dbdev/security/code-scanning/1

Add an explicit permissions block to the workflow to enforce least privilege for GITHUB_TOKEN.

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@vercel

vercel Bot commented Jul 18, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
dbdev Ready Ready Preview, Comment Jul 18, 2026 11:59am

Request Review

@supabase

supabase Bot commented Jul 18, 2026

Copy link
Copy Markdown

This pull request has been ignored for the connected project xmuptpplfviifrbwmmtv because there are no changes detected in supabase directory. You can change this behaviour in Project Integrations Settings ↗︎.


Preview Branches by Supabase.
Learn more about Supabase Branching ↗︎.

@imor imor changed the title Potential fix for code scanning alert no. 1: Workflow does not contain permissions fix: add readonly permissions to workflow Jul 18, 2026
@imor
imor marked this pull request as ready for review July 18, 2026 12:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant