Skip to content

.github/workflows: Remove unnecessary GITHUB_TOKEN. #110

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
gtrrz-victor merged 1 commit into from
Jan 28, 2026
Merged

.github/workflows: Remove unnecessary GITHUB_TOKEN. #110

gtrrz-victor merged 1 commit into from
Jan 28, 2026
+1 −7

Conversation

@toothbrush
Copy link
Contributor

@toothbrush toothbrush commented Jan 28, 2026
edited by cursor bot
Loading

Description

I don't believe we need GITHUB_TOKEN to install tools. The mise install action grabs publicly-downloadable tools, let's apply the principle of least privilege here.

Note

Removes unnecessary with.github_token configuration from jdx/mise-action@v3 across workflows.

  • Updates ci.yml, lint.yml, and release.yml to run mise-action without GITHUB_TOKEN
  • No changes to the functional steps for tests, linting, or release

Written by Cursor Bugbot for commit f39fc07. This will update automatically on new commits. Configure here.

@toothbrush
.github/workflows: I don't believe we need GITHUB_TOKEN to install to…
f39fc07 
…ols.

The `mise install` action grabs publicly-downloadable tools, let's apply
the principle of least privilege here.
Copilot AI review requested due to automatic review settings January 28, 2026 01:28
Copilot AI reviewed Jan 28, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates GitHub Actions workflows to stop passing GITHUB_TOKEN into the jdx/mise-action@v3 step, aligning with least-privilege principles for tool installation.

Changes:

  • Remove the github_token: ${{ secrets.GITHUB_TOKEN }} input from jdx/mise-action@v3 in release.yml.
  • Remove the github_token: ${{ secrets.GITHUB_TOKEN }} input from jdx/mise-action@v3 in lint.yml.
  • Remove the github_token: ${{ secrets.GITHUB_TOKEN }} input from jdx/mise-action@v3 in ci.yml and clean up a trailing-space formatting issue.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.

File Description
.github/workflows/release.yml Stops passing GITHUB_TOKEN to jdx/mise-action@v3 during release workflow setup.
.github/workflows/lint.yml Stops passing GITHUB_TOKEN to jdx/mise-action@v3 in the lint workflow.
.github/workflows/ci.yml Stops passing GITHUB_TOKEN to jdx/mise-action@v3 in CI and normalizes the runs-on line formatting.

@toothbrush toothbrush marked this pull request as ready for review January 28, 2026 01:31
@toothbrush toothbrush requested a review from a team as a code owner January 28, 2026 01:31
@gtrrz-victor gtrrz-victor merged commit 62ba9af into main Jan 28, 2026
10 checks passed
@gtrrz-victor gtrrz-victor deleted the 20260128-no-unnecessary-github-token branch January 28, 2026 01:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@gtrrz-victor gtrrz-victor gtrrz-victor approved these changes

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@toothbrush @gtrrz-victor