Skip to content

Commit b007f25

Browse files
dpark01claude
andcommitted
add explicit permissions block to workflow
Addresses CodeQL security finding by restricting GITHUB_TOKEN to read-only contents access. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
1 parent 67535c5 commit b007f25

1 file changed

Lines changed: 3 additions & 0 deletions

File tree

.github/workflows/validate-reference-genomes.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,9 @@ on:
99
- 'assembly/reference_genomes.tsv'
1010
workflow_dispatch:
1111

12+
permissions:
13+
contents: read
14+
1215
jobs:
1316
validate:
1417
runs-on: ubuntu-latest

0 commit comments

Comments
 (0)