Merge from development to master#17
Conversation
Each return a pair (x, y) and (widht, height)
| name: Build on Ubuntu | ||
| runs-on: ubuntu-latest | ||
|
|
||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v4 | ||
|
|
||
| - name: Install dependencies | ||
| run: sudo apt-get update && sudo apt-get install -y cmake build-essential | ||
|
|
||
| - name: Configure CMake | ||
| run: cmake -S . -B build | ||
|
|
||
| - name: Build | ||
| run: cmake --build build | ||
|
|
||
| # build-windows: | ||
| # name: Build on Windows | ||
| # runs-on: windows-latest | ||
|
|
||
| # steps: | ||
| # - name: Checkout repository | ||
| # uses: actions/checkout@v4 | ||
|
|
||
| # - name: Configure CMake | ||
| # run: cmake -S . -B build | ||
|
|
||
| # - name: Build | ||
| # run: cmake --build build |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 10 months ago
To fix the problem, an explicit permissions key should be added to restrict the permissions of the GITHUB_TOKEN to the least privilege necessary for the workflow's operations. Since the current workflow only checks out code and builds it (does not require any write access), contents: read is sufficient. The best way to fix this is to add permissions: contents: read at the root of the workflow (recommended and most consistent with GitHub's examples), which will apply it to all jobs (current and future). This requires modifying the .github/workflows/cmake-build.yml file: insert the permissions: block after the name: key and before (or after) the on: key for clarity.
| @@ -1,4 +1,6 @@ | ||
| name: CMake Build | ||
| permissions: | ||
| contents: read | ||
|
|
||
| on: | ||
| push: |
No description provided.