From ee7c165f1a1ea575577fdc06c23b865a5c8ec8a5 Mon Sep 17 00:00:00 2001 From: Jeffrey Paul Date: Mon, 7 Jul 2025 16:01:04 -0500 Subject: [PATCH 1/6] Potential fix for code scanning alert no. 4: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/build-release-zip.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build-release-zip.yml b/.github/workflows/build-release-zip.yml index b3058f3..7605ca7 100644 --- a/.github/workflows/build-release-zip.yml +++ b/.github/workflows/build-release-zip.yml @@ -1,13 +1,13 @@ name: Build release zip +permissions: + contents: read + actions: write + on: workflow_dispatch: release: types: [published] - -jobs: - build_zip: - name: New release runs-on: ubuntu-latest steps: From 55ada00e3190ae1d81a6630f05e8d71ea741e58e Mon Sep 17 00:00:00 2001 From: Jeffrey Paul Date: Mon, 7 Jul 2025 16:01:21 -0500 Subject: [PATCH 2/6] Potential fix for code scanning alert no. 2: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/stable.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/stable.yml b/.github/workflows/stable.yml index 9fda9bd..1ebab6a 100644 --- a/.github/workflows/stable.yml +++ b/.github/workflows/stable.yml @@ -1,5 +1,8 @@ name: Build Stable branch +permissions: + contents: write + on: push: branches: From 90f05781bd0d2340e47faa051d4b454d1303afc8 Mon Sep 17 00:00:00 2001 From: Jeffrey Paul Date: Mon, 7 Jul 2025 16:01:34 -0500 Subject: [PATCH 3/6] Potential fix for code scanning alert no. 1: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/testing.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml index 4e64eb1..3c0ea16 100644 --- a/.github/workflows/testing.yml +++ b/.github/workflows/testing.yml @@ -1,5 +1,8 @@ name: Functional Test +permissions: + contents: read + on: pull_request: push: From f37f60e0bc08360ef3f4ef88e2a3380f627280df Mon Sep 17 00:00:00 2001 From: Jeffrey Paul Date: Mon, 7 Jul 2025 16:01:46 -0500 Subject: [PATCH 4/6] Potential fix for code scanning alert no. 3: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/phpcs.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/phpcs.yml b/.github/workflows/phpcs.yml index 0a6d89c..e34ba8f 100644 --- a/.github/workflows/phpcs.yml +++ b/.github/workflows/phpcs.yml @@ -9,6 +9,9 @@ on: branches: - develop +permissions: + contents: read + jobs: phpcs: runs-on: ubuntu-latest From 57306264ed77995f7afb50b9c01a7718d155ae9c Mon Sep 17 00:00:00 2001 From: Jeffrey Paul Date: Tue, 8 Jul 2025 12:30:38 -0500 Subject: [PATCH 5/6] Update build-release-zip.yml --- .github/workflows/build-release-zip.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/build-release-zip.yml b/.github/workflows/build-release-zip.yml index 7605ca7..f78beac 100644 --- a/.github/workflows/build-release-zip.yml +++ b/.github/workflows/build-release-zip.yml @@ -8,6 +8,10 @@ on: workflow_dispatch: release: types: [published] + +jobs: + build_zip: + name: New release runs-on: ubuntu-latest steps: From 02ae35f20db97f646a781199dd1794149f510783 Mon Sep 17 00:00:00 2001 From: Darin Kotter Date: Tue, 8 Jul 2025 12:30:06 -0600 Subject: [PATCH 6/6] Remove extra spaces --- .github/workflows/build-release-zip.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-release-zip.yml b/.github/workflows/build-release-zip.yml index f78beac..2808f38 100644 --- a/.github/workflows/build-release-zip.yml +++ b/.github/workflows/build-release-zip.yml @@ -11,7 +11,7 @@ on: jobs: build_zip: - name: New release + name: New release runs-on: ubuntu-latest steps: