From 1a6f8844fe6beeb80966bc095ad5117d880e680c Mon Sep 17 00:00:00 2001 From: Peter Kurhajec <61538034+PTKu@users.noreply.github.com> Date: Sat, 13 Dec 2025 18:07:45 +0100 Subject: [PATCH 1/6] Potential fix for code scanning alert no. 6: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/pr-dev.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/pr-dev.yml b/.github/workflows/pr-dev.yml index bc8c44661..5012f2632 100644 --- a/.github/workflows/pr-dev.yml +++ b/.github/workflows/pr-dev.yml @@ -1,4 +1,6 @@ name: pr-dev +permissions: + contents: read on: pull_request: From f06ed31922e7a5e83f0871d79666433b8ec5073d Mon Sep 17 00:00:00 2001 From: Peter Kurhajec <61538034+PTKu@users.noreply.github.com> Date: Sat, 13 Dec 2025 18:10:14 +0100 Subject: [PATCH 2/6] Potential fix for code scanning alert no. 7: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/single_app_run.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/single_app_run.yml b/.github/workflows/single_app_run.yml index f881e15ba..dd2d2fb88 100644 --- a/.github/workflows/single_app_run.yml +++ b/.github/workflows/single_app_run.yml @@ -1,4 +1,6 @@ name: single_app_run +permissions: + contents: read on: workflow_dispatch: inputs: From 091c86eebe3aad72b0ff988cc804eb475f4d9df1 Mon Sep 17 00:00:00 2001 From: Peter Kurhajec <61538034+PTKu@users.noreply.github.com> Date: Sat, 13 Dec 2025 18:11:22 +0100 Subject: [PATCH 3/6] Potential fix for code scanning alert no. 5: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/release.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f74d42911..9d0bce721 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,4 +1,6 @@ name: release +permissions: + contents: read on: push: From 3a57ed2209c0d7b099384c3dcbdb977ae67c2ef7 Mon Sep 17 00:00:00 2001 From: Peter Kurhajec <61538034+PTKu@users.noreply.github.com> Date: Sat, 13 Dec 2025 18:12:07 +0100 Subject: [PATCH 4/6] Potential fix for code scanning alert no. 4: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/publish.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 4561839c4..0f6a0e60f 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -3,6 +3,9 @@ name: publish on: workflow_dispatch: +permissions: + contents: read + jobs: build: strategy: From a97e4e2f60710b969d4816372fff106c5a0aa6ac Mon Sep 17 00:00:00 2001 From: Peter Kurhajec <61538034+PTKu@users.noreply.github.com> Date: Sat, 13 Dec 2025 18:12:42 +0100 Subject: [PATCH 5/6] Potential fix for code scanning alert no. 3: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/master.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml index 5b159bcfc..6adaa9337 100644 --- a/.github/workflows/master.yml +++ b/.github/workflows/master.yml @@ -1,4 +1,6 @@ name: master +permissions: + contents: read on: push: From 4f4d84c18a59786845e632b251c3047db4795cbd Mon Sep 17 00:00:00 2001 From: Peter Kurhajec <61538034+PTKu@users.noreply.github.com> Date: Sat, 13 Dec 2025 18:14:19 +0100 Subject: [PATCH 6/6] Potential fix for code scanning alert no. 1: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/nightly.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index bc74b6884..cee3d166c 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -1,4 +1,6 @@ name: nightly +permissions: + contents: read on: workflow_dispatch : branches :