From 9c58d2bf0db2dd13a43807f94aa61dd94fe80e1d Mon Sep 17 00:00:00 2001 From: Dilum Aluthge Date: Mon, 9 Aug 2021 03:57:21 -0400 Subject: [PATCH] CI (Buildbot, GHA): add a note about token permissions (#41825) (cherry picked from commit 7005b7d68be7e6dddb6fba70de855df0abdf3c22) --- .github/workflows/statuses.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/statuses.yml b/.github/workflows/statuses.yml index 0fcb8b37586e49..df86caa3acee30 100644 --- a/.github/workflows/statuses.yml +++ b/.github/workflows/statuses.yml @@ -10,6 +10,7 @@ # Here are some steps that we take in this workflow file for security reasons: # 1. We do not checkout any code. # 2. We do not run any external actions. +# 3. We only give `GITHUB_TOKEN` the minimum necessary set of permissions. name: Statuses