Gitiles
Code Review Sign In
gerrit.openfyde.cn / chromium.googlesource.com / external / liblouis-github / 372ff977fd99b1d60b5b95441923113b099d685f
commit372ff977fd99b1d60b5b95441923113b099d685f[log] [tgz]
authorChristian Egli <christian.egli@sbs.ch>Wed Jan 18 11:43:45 2023 +0100
committerChristian Egli <christian.egli@sbs.ch>Wed Jan 18 11:43:45 2023 +0100
tree14a7b088dbd2ac0f0708881f3112a5330fffc0c1
parent4ff1d62d0c04626337cbc1fa93d40f7bdf98a774 [diff]
Set the token permissions to contents: read

This fixes a number of code scanning alerts such as
https://github.com/liblouis/liblouis/security/code-scanning/46.

The fix was provided by https://app.stepsecurity.io/

Two alerts were not fixed as the stepsecurity tool did not provide the
usual fix by setting the token permission. Instead it suggested to use
a "Harden Runner". ATM I do not understand the implications of that so
I postponed this.

So for mingw.yml and for emscripten.yml the alerts remain.
8 files changed
tree: 14a7b088dbd2ac0f0708881f3112a5330fffc0c1
  1. .github/
  2. build-aux/
  3. contrib/
  4. doc/
  5. extra/
  6. gnulib/
  7. liblouis/
  8. m4/
  9. man/
  10. python/
  11. tables/
  12. tests/
  13. tools/
  14. windows/
  15. README.orgREADME
  16. .clang-format
  17. .dir-locals.el
  18. .dockerignore
  19. .gitignore
  20. ANNOUNCEMENT
  21. AUTHORS
  22. autogen.sh
  23. ChangeLog
  24. configure.ac
  25. COPYING
  26. COPYING.LESSER
  27. Dockerfile
  28. Dockerfile.win32
  29. Dockerfile.win64
  30. Doxyfile
  31. HACKING
  32. liblouis.pc.in
  33. libyaml_mingw.patch
  34. License.md
  35. Makefile.am
  36. NEWS
  37. README
  38. README.windows
  39. SECURITY.md
  40. TODO