fix: address security risks in GitHub Actions workflows (#1651)
* Remove cache consumption in release workflow. * Tighten style-check.yml permissions * Tighten permissions in test workflow that consumes cache. * Use stricter permissions where possible --------- Co-authored-by: Justin Halsall <Juice10@users.noreply.github.com>
This commit is contained in:
Adnan Khan
1
.github/workflows/release.yml
vendored
1
.github/workflows/release.yml
vendored
@@ -19,7 +19,6 @@ jobs:
|
||||
uses: actions/setup-node@v3
|
||||
with:
|
||||
node-version: lts/*
|
||||
cache: 'yarn'
|
||||
|
||||
- name: Install Dependencies
|
||||
run: yarn install --frozen-lockfile
|
||||
|
||||
Reference in New Issue
Block a user