Skip to content

Revert 14 main #45

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
yve-android wants to merge 2 commits into
base: alert-autofix-1
Choose a base branch
from
Open

Revert 14 main #45

yve-android wants to merge 2 commits into from

Conversation

@yve-android
Copy link
Owner

@yve-android yve-android commented Feb 9, 2026

No description provided.

@yve-android
Potential fix for code scanning alert no. 1: Workflow does not contai…
680a047 
…n permissions (#30)

Potential fix for
[https://github.com/yve-android/blacky/security/code-scanning/1](https://github.com/yve-android/blacky/security/code-scanning/1)

In general, fix this by adding an explicit `permissions:` block that
grants only the minimal scopes needed. Since this workflow only needs to
read repository contents (for `actions/checkout`) and upload an artifact
(which does not require repository write access), `contents: read` is
sufficient.

The best single fix without changing functionality is to add a
workflow-level `permissions:` block near the top of
`.github/workflows/build-apk.yml`, so it applies to all jobs. Place it
after the `name:` (line 1) and before `on:` (line 3), with:

```yaml
permissions:
  contents: read
```

No additional imports, methods, or definitions are needed because this
is purely a YAML configuration change within the workflow file.


_Suggested fixes powered by Copilot Autofix. Review carefully before
merging._
@yve-android
Create codeql.yml
fcf8fee
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@yve-android yve-android

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@yve-android