We should update the workflows to limit permissions.
godot.yml needs
permissions:
contents: write # Required for softprops/action-gh-release to create releases and upload assets
upload_rust.yml
# Explicitly lock down the token to read-only for security compliance
permissions:
contents: read # Required for actions/checkout to pull down the repository source
We should update the workflows to limit permissions.
godot.yml needs
upload_rust.yml