From cd239cd21e66590f5f8711824a93ef35b2b8df50 Mon Sep 17 00:00:00 2001 From: ron-tsarevsky Date: Wed, 10 Sep 2025 16:21:31 +0300 Subject: [PATCH 1/7] add workflow permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/android-build-scripts-did.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/android-build-scripts-did.yml b/.github/workflows/android-build-scripts-did.yml index 8fb74fb..2213cb0 100644 --- a/.github/workflows/android-build-scripts-did.yml +++ b/.github/workflows/android-build-scripts-did.yml @@ -1,4 +1,6 @@ name: android build scripts +permissions: + contents: write on: pull_request: From 56ebf5a09e37c744133d104221f8db30f59ca09d Mon Sep 17 00:00:00 2001 From: ron-tsarevsky Date: Wed, 10 Sep 2025 16:22:52 +0300 Subject: [PATCH 2/7] add workflow permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/ios-build-scripts-did.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/ios-build-scripts-did.yml b/.github/workflows/ios-build-scripts-did.yml index 3d3d7bd..b240561 100644 --- a/.github/workflows/ios-build-scripts-did.yml +++ b/.github/workflows/ios-build-scripts-did.yml @@ -12,6 +12,8 @@ on: required: true default: '16.1' +permissions: + contents: write jobs: build-main-on-macos-sonoma: name: ios main on sonoma From f567df2f8964e474cbabe0e01977eaa16578d8d6 Mon Sep 17 00:00:00 2001 From: ron-tsarevsky Date: Wed, 10 Sep 2025 16:28:00 +0300 Subject: [PATCH 3/7] add workflow permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/periodic-builds-apple.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/periodic-builds-apple.yml b/.github/workflows/periodic-builds-apple.yml index 6b3b19b..abf9c7d 100644 --- a/.github/workflows/periodic-builds-apple.yml +++ b/.github/workflows/periodic-builds-apple.yml @@ -1,4 +1,6 @@ name: apple nightly builds +permissions: + contents: read on: schedule: From 8fea8ec9252695cf74e2db660640a1b6aa380688 Mon Sep 17 00:00:00 2001 From: ron-tsarevsky Date: Wed, 10 Sep 2025 16:31:07 +0300 Subject: [PATCH 4/7] add workflow permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/tvos-build-scripts.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/tvos-build-scripts.yml b/.github/workflows/tvos-build-scripts.yml index eaee3ab..97aec82 100644 --- a/.github/workflows/tvos-build-scripts.yml +++ b/.github/workflows/tvos-build-scripts.yml @@ -1,4 +1,6 @@ name: tvos build scripts +permissions: + contents: read on: push: From d81b9e8704e20477e8f07b4091a513ab828721e6 Mon Sep 17 00:00:00 2001 From: ron-tsarevsky Date: Wed, 10 Sep 2025 16:32:58 +0300 Subject: [PATCH 5/7] add workflow permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/periodic-builds-android.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/periodic-builds-android.yml b/.github/workflows/periodic-builds-android.yml index d164696..e3930ae 100644 --- a/.github/workflows/periodic-builds-android.yml +++ b/.github/workflows/periodic-builds-android.yml @@ -1,4 +1,6 @@ name: android nightly builds +permissions: + contents: read on: schedule: From e7919ed80644c01cb623bdae7ffc024142d62acd Mon Sep 17 00:00:00 2001 From: ron-tsarevsky Date: Wed, 10 Sep 2025 16:37:02 +0300 Subject: [PATCH 6/7] add workflow permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/linux-build-scripts.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/linux-build-scripts.yml b/.github/workflows/linux-build-scripts.yml index a42e980..893f057 100644 --- a/.github/workflows/linux-build-scripts.yml +++ b/.github/workflows/linux-build-scripts.yml @@ -1,4 +1,6 @@ name: linux build scripts +permissions: + contents: read on: push: From af73d51f675e191acfd6b15c2793b948bcf4ec88 Mon Sep 17 00:00:00 2001 From: ron-tsarevsky Date: Wed, 10 Sep 2025 16:40:09 +0300 Subject: [PATCH 7/7] add workflow permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/macos-build-scripts.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/macos-build-scripts.yml b/.github/workflows/macos-build-scripts.yml index d76fcfe..9d2e319 100644 --- a/.github/workflows/macos-build-scripts.yml +++ b/.github/workflows/macos-build-scripts.yml @@ -1,4 +1,6 @@ name: macos build scripts +permissions: + contents: read on: push: