From 740053f8bf5a2cd7487daf5286053d597fe0a25f Mon Sep 17 00:00:00 2001 From: Adnan Khan Date: Tue, 21 Oct 2025 15:39:05 -0400 Subject: [PATCH 1/4] ci: scope down permissions for export-to-serverlessland.yml --- .github/workflows/export-to-serverlessland.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/export-to-serverlessland.yml b/.github/workflows/export-to-serverlessland.yml index 48d4079df..383de4d70 100644 --- a/.github/workflows/export-to-serverlessland.yml +++ b/.github/workflows/export-to-serverlessland.yml @@ -11,6 +11,9 @@ on: description: "new pattern dir" required: true +permissions: + contents: write + jobs: copy: runs-on: ubuntu-latest From 35a893a17f3cb87bf5039b068cefde1c18d514c6 Mon Sep 17 00:00:00 2001 From: Adnan Khan Date: Tue, 21 Oct 2025 15:39:08 -0400 Subject: [PATCH 2/4] ci: scope down permissions for export-to-serverlessland-team.yml --- .github/workflows/export-to-serverlessland-team.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/export-to-serverlessland-team.yml b/.github/workflows/export-to-serverlessland-team.yml index ce78fb70a..b3b32b284 100644 --- a/.github/workflows/export-to-serverlessland-team.yml +++ b/.github/workflows/export-to-serverlessland-team.yml @@ -11,6 +11,9 @@ on: description: "new pattern dir" required: true +permissions: + contents: write + jobs: copy: runs-on: ubuntu-latest From 0583c6bd236eddfc2b478fcba25af7179aeec57a Mon Sep 17 00:00:00 2001 From: Adnan Khan Date: Tue, 21 Oct 2025 15:40:19 -0400 Subject: [PATCH 3/4] Change GitHub Actions permissions from write to read as workflow uses PAT --- .github/workflows/export-to-serverlessland-team.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/export-to-serverlessland-team.yml b/.github/workflows/export-to-serverlessland-team.yml index b3b32b284..70374f813 100644 --- a/.github/workflows/export-to-serverlessland-team.yml +++ b/.github/workflows/export-to-serverlessland-team.yml @@ -12,7 +12,7 @@ on: required: true permissions: - contents: write + contents: read jobs: copy: From c0a57b818bd50093a8a91c23bcb1c772db4a5352 Mon Sep 17 00:00:00 2001 From: Adnan Khan Date: Tue, 21 Oct 2025 15:40:35 -0400 Subject: [PATCH 4/4] Change GitHub Action permissions from write to read as workflow uses PAT --- .github/workflows/export-to-serverlessland.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/export-to-serverlessland.yml b/.github/workflows/export-to-serverlessland.yml index 383de4d70..2c57b2d90 100644 --- a/.github/workflows/export-to-serverlessland.yml +++ b/.github/workflows/export-to-serverlessland.yml @@ -12,7 +12,7 @@ on: required: true permissions: - contents: write + contents: read jobs: copy: