actions/labeler
1
0
Fork 0
mirror of https://github.com/actions/labeler.git synced 2025-12-12 12:37:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Clarify permissions required to use Action

Browse Source 
As a means to reduce the privileges provided to the job executing, we
can document what the minimal `permissions` required for the Actions'
`GITHUB_TOKEN` is.
This commit is contained in:
Jamie Tanna
2022-02-02 15:43:53 +00:00
committed by GitHub
parent 3194b4b6ce
commit c8a666accc
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
README.md
View File

@@ -95,6 +95,9 @@ on:
jobs:
triage:
permissions:
contents: read
pull-requests: write
runs-on: ubuntu-latest
steps:
- uses: actions/labeler@v3
@@ -110,7 +113,7 @@ Various inputs are defined in [`action.yml`](action.yml) to let you configure th
| Name | Description | Default |
| - | - | - |
| `repo-token` | Token to use to authorize label changes. Typically the GITHUB_TOKEN secret | N/A |
| `repo-token` | Token to use to authorize label changes. Typically the GITHUB_TOKEN secret, with `contents:read` and `pull-requests:write` access | N/A |
| `configuration-path` | The path to the label configuration file | `.github/labeler.yml` |
| `sync-labels` | Whether or not to remove labels when matching files are reverted or no longer changed by the PR | `false`