|
|
|
|
|
|
by beaugunderson
450 days ago
|
|
|
Temporary action tokens have full write by default; you have to explicitly opt for a read-only version. > Read and write permissions
> Workflows have read and write permissions in the repository for all scopes.
If you read this line of the documentation (https://docs.github.com/en/actions/security-for-github-actio...) you might think otherwise: > If the default permissions for the GITHUB_TOKEN are restrictive, you may have to elevate the permissions to allow some actions and commands to run successfully.
But I can confirm that in our GitHub organization "Read and write permissions" was the default, and thus that line of documentation makes no sense. |
|
|