Merge pull request #165 from arvkevi/workflow-permission-patch

arvkevi · web-flow · commit 716d32e3f552 · 2025-03-01T07:14:07.000-05:00
Workflow permissions
diff --git a/.github/workflows/pythonpublish.yml b/.github/workflows/pythonpublish.yml
@@ -4,13 +4,18 @@ on:
   release:
     types: [created]
 
+permissions:
+  contents: read
+
 jobs:
   deploy:
     runs-on: ubuntu-latest
+    permissions:
+      contents: write  # Only grant write permission to contents for this job
     steps:
-    - uses: actions/checkout@v1
+    - uses: actions/checkout@v2  # Updated to the latest version
     - name: Set up Python
-      uses: actions/setup-python@v1
+      uses: actions/setup-python@v2  # Updated to the latest version
       with:
         python-version: '3.x'
     - name: Install dependencies
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -2,23 +2,31 @@ name: Unit tests and coverage
 
 on: [push, workflow_dispatch, pull_request]
 
-jobs:
-  build:
+permissions:
+  contents: read
+  issues: write
+  pull-requests: write
 
+jobs:
+  build:    
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        python-version: ["3.7", "3.8", "3.9", "3.10", "3.11"]
+        python-version: ["3.8", "3.9", "3.10", "3.11"]
         os: [ubuntu-latest, macos-latest, windows-latest]
         exclude:  # Python < v3.8 does not support Apple Silicon ARM64.
         - python-version: "3.7"
           os: macos-latest
+        - python-version: "3.7"
+          os: ubuntu-latest
         include:  # So run those legacy versions on Intel CPUs.
         - python-version: "3.7"
           os: macos-13
+        - python-version: "3.7"
+          os: windows-latest
     env:
       OS: ${{ matrix.os }}
-      PYHTHON: ${{ matrix.python-version }}
+      PYTHON: ${{ matrix.python-version }}
     steps:
       - uses: actions/checkout@v3
       - name: Set up Python ${{ matrix.python-version }}
