1
0
mirror of https://github.com/microsoft/DirectXTex synced 2024-11-08 14:00:05 +00:00

[StepSecurity] ci: Harden GitHub Actions (#507)

This commit is contained in:
StepSecurity Bot 2024-09-10 19:03:12 -07:00 committed by GitHub
parent 79b4ef0ef8
commit 3dc7ec1e82
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 15 additions and 1 deletions

View File

@ -23,13 +23,18 @@ on:
schedule:
- cron: '43 3 * * 3'
permissions:
contents: read
jobs:
analyze:
name: Analyze (C/C++)
runs-on: windows-latest
timeout-minutes: 360
permissions:
security-events: write
actions: read # for github/codeql-action/init to get workflow details
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/autobuild to send a status report
packages: read
steps:

View File

@ -21,6 +21,9 @@ on:
- build/*.targets
- build/*.yml
permissions:
contents: read
jobs:
build:
runs-on: ${{ matrix.os }}

View File

@ -24,6 +24,9 @@ on:
env:
DIRECTXTEX_MEDIA_PATH: ${{ github.workspace }}/Media
permissions:
contents: read
jobs:
build:
runs-on: ${{ matrix.os }}

View File

@ -15,6 +15,9 @@ on:
- LICENSE
- build/*
permissions:
contents: read
jobs:
build:
runs-on: ${{ matrix.os }}