GitHub Action uses write-all permissions¶
write-all permission in a GitHub Action workflow grants the workflow write access on all scopes. Avoid granting unnecessary privileges to a GitHub Action workflows and only enable scopes that are necessary for the workflow execution.
permissions: write-all jobs: write-all: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3
permissions: contents: read jobs: contents-read: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3