From e347c67d71514d4f814a497a912e7100a199e1ab Mon Sep 17 00:00:00 2001 From: Gregory Oschwald Date: Thu, 23 Jan 2025 15:18:39 -0800 Subject: [PATCH] Add emptyp permission blocks As requested by zizmor. --- .github/workflows/address-sanitizer.yml | 3 +++ .github/workflows/clang-analyzer.yml | 2 ++ .github/workflows/codeql-analysis.yml | 2 ++ .github/workflows/release.yml | 2 ++ .github/workflows/test-libmaxminddb.yml | 2 ++ .github/workflows/test.yml | 2 ++ .github/workflows/zizmor.yml | 2 ++ 7 files changed, 15 insertions(+) diff --git a/.github/workflows/address-sanitizer.yml b/.github/workflows/address-sanitizer.yml index dde5bcc..4935b0e 100644 --- a/.github/workflows/address-sanitizer.yml +++ b/.github/workflows/address-sanitizer.yml @@ -4,6 +4,9 @@ on: pull_request: schedule: - cron: '13 15 * * SUN' + +permissions: {} + jobs: build: name: Address Sanitizer diff --git a/.github/workflows/clang-analyzer.yml b/.github/workflows/clang-analyzer.yml index 1c5460f..0fd30ab 100644 --- a/.github/workflows/clang-analyzer.yml +++ b/.github/workflows/clang-analyzer.yml @@ -6,6 +6,8 @@ on: schedule: - cron: '3 15 * * SUN' +permissions: {} + jobs: clang-analyzer: name: Clang Static Analysis diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index e9969c7..7c36265 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -8,6 +8,8 @@ on: schedule: - cron: '0 18 * * 0' +permissions: {} + jobs: CodeQL-Build: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5f13aac..fd62a89 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -10,6 +10,8 @@ on: types: - published +permissions: {} + jobs: build_wheels: name: Build wheels on ${{ matrix.os }} diff --git a/.github/workflows/test-libmaxminddb.yml b/.github/workflows/test-libmaxminddb.yml index 73c78b2..0b44861 100644 --- a/.github/workflows/test-libmaxminddb.yml +++ b/.github/workflows/test-libmaxminddb.yml @@ -6,6 +6,8 @@ on: schedule: - cron: '3 15 * * SUN' +permissions: {} + jobs: build: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index c1f91ac..500d20c 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -6,6 +6,8 @@ on: schedule: - cron: '3 15 * * SUN' +permissions: {} + jobs: build: diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index c09cf12..7ca9cb2 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -6,6 +6,8 @@ on: pull_request: branches: ["**"] +permissions: {} + jobs: zizmor: name: zizmor latest via PyPI