Skip to content

Commit

Permalink
Merge pull request #8451 from sashashura/patch-1
Browse files Browse the repository at this point in the history 
GitHub Workflows security hardening
  • Loading branch information
@orklah
orklah committed Sep 5, 2022
2 parents faf106e + a671079 commit 82be359
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions .github/workflows/build-phar.yml
View file
Expand Up @@ -8,8 +8,13 @@ on:
types:
- published

permissions:
contents: read

jobs:
pre_job:
permissions:
actions: write
runs-on: ubuntu-latest
outputs:
should_skip: ${{ steps.skip_check.outputs.should_skip }}
Expand All @@ -24,6 +29,8 @@ jobs:
paths: '["bin/**", "assets/**", "build/**", "dictionaries/**", "src/**", "stubs/**", "psalm", "psalm-language-server", "psalm-plugin", "psalm-refactor", "psalter", "box.json.dist", "composer.json", "config.xsd", "keys.asc.gpg", "scoper.inc.php"]'

build-phar:
permissions:
contents: write # for release
needs: pre_job
if: ${{ needs.pre_job.outputs.should_skip != 'true' }}
runs-on: ubuntu-latest
Expand Down

0 comments on commit 82be359

Please sign in to comment.