From f860fd5396fe60b906965fee5f872ba3d93e91a4 Mon Sep 17 00:00:00 2001 From: Hilmar Falkenberg Date: Mon, 20 Jan 2025 10:06:47 +0100 Subject: [PATCH] chore(security): add permissions to test action (#15) #### What this PR does / why we need it https://github.com/open-component-model/ocm-setup-action/security/code-scanning/3 #### Which issue(s) this PR fixes fixes: https://github.com/open-component-model/ocm-project/issues/372 --- .github/workflows/main.yaml | 5 ++++- README.md | 2 +- REUSE.toml | 2 +- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 7bcc615..752e5ce 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -1,4 +1,7 @@ - +name: main-test +permissions: + contents: read + pull-requests: read "on": [push] jobs: diff --git a/README.md b/README.md index 103be26..88935d4 100644 --- a/README.md +++ b/README.md @@ -31,6 +31,6 @@ jobs: ## Licensing -Copyright 2024 SAP SE or an SAP affiliate company and Open Component Model contributors. +Copyright 2025 SAP SE or an SAP affiliate company and Open Component Model contributors. Please see our [LICENSE](LICENSE) for copyright and license information. Detailed information including third-party components and their licensing/copyright information is available [via the REUSE tool](https://api.reuse.software/info/github.com/open-component-model/ocm-setup-action). diff --git a/REUSE.toml b/REUSE.toml index fbe53fa..b54aaa1 100644 --- a/REUSE.toml +++ b/REUSE.toml @@ -7,5 +7,5 @@ SPDX-PackageComment = "The code in this project may include calls to APIs (\"API [[annotations]] path = "**" precedence = "aggregate" -SPDX-FileCopyrightText = "2024 SAP SE or an SAP affiliate company and Open Component Model contributors" +SPDX-FileCopyrightText = "2025 SAP SE or an SAP affiliate company and Open Component Model contributors" SPDX-License-Identifier = "Apache-2.0"