From d795ead7df1058d0b0b51dd63677ddd3c7805026 Mon Sep 17 00:00:00 2001 From: Chris Gavin Date: Fri, 13 Sep 2024 10:04:17 +0100 Subject: [PATCH 1/3] Fix incorrect documentation about the `token` input to the Actions. --- analyze/action.yml | 2 +- upload-sarif/action.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/analyze/action.yml b/analyze/action.yml index 6be05a4f38..477954ca9e 100644 --- a/analyze/action.yml +++ b/analyze/action.yml @@ -74,7 +74,7 @@ inputs: required: true default: "true" token: - description: "GitHub token to use for authenticating with this instance of GitHub. The token needs the `security-events: write` permission." + description: "GitHub token to use for authenticating with this instance of GitHub. The token must be the built-in GitHub Actions token, and the workflow should have the `security-events: write` permission." required: false default: ${{ github.token }} matrix: diff --git a/upload-sarif/action.yml b/upload-sarif/action.yml index a6b74bbfc0..354eb2928e 100644 --- a/upload-sarif/action.yml +++ b/upload-sarif/action.yml @@ -20,7 +20,7 @@ inputs: description: "The sha of the HEAD of the ref where results will be uploaded. If not provided, the Action will use the GITHUB_SHA environment variable. If provided, the ref input must be provided as well. This input is ignored for pull requests from forks." required: false token: - description: "GitHub token to use for authenticating with this instance of GitHub. The token needs the `security-events: write` permission." + description: "GitHub token to use for authenticating with this instance of GitHub. The token must be the built-in GitHub Actions token, and the workflow should have the `security-events: write` permission." required: false default: ${{ github.token }} matrix: From 51de6a802f1e85a8dce37a0d6a87f660dd50e663 Mon Sep 17 00:00:00 2001 From: Chris Gavin Date: Fri, 13 Sep 2024 15:42:15 +0100 Subject: [PATCH 2/3] Use RFC-style requirements. Co-authored-by: Andrew Eisenberg --- analyze/action.yml | 2 +- upload-sarif/action.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/analyze/action.yml b/analyze/action.yml index 477954ca9e..5ff9fc34d4 100644 --- a/analyze/action.yml +++ b/analyze/action.yml @@ -74,7 +74,7 @@ inputs: required: true default: "true" token: - description: "GitHub token to use for authenticating with this instance of GitHub. The token must be the built-in GitHub Actions token, and the workflow should have the `security-events: write` permission." + description: "GitHub token to use for authenticating with this instance of GitHub. The token must be the built-in GitHub Actions token, and the workflow must have the `security-events: write` permission." required: false default: ${{ github.token }} matrix: diff --git a/upload-sarif/action.yml b/upload-sarif/action.yml index 354eb2928e..adaa2ab0ad 100644 --- a/upload-sarif/action.yml +++ b/upload-sarif/action.yml @@ -20,7 +20,7 @@ inputs: description: "The sha of the HEAD of the ref where results will be uploaded. If not provided, the Action will use the GITHUB_SHA environment variable. If provided, the ref input must be provided as well. This input is ignored for pull requests from forks." required: false token: - description: "GitHub token to use for authenticating with this instance of GitHub. The token must be the built-in GitHub Actions token, and the workflow should have the `security-events: write` permission." + description: "GitHub token to use for authenticating with this instance of GitHub. The token must be the built-in GitHub Actions token, and the workflow must have the `security-events: write` permission." required: false default: ${{ github.token }} matrix: From 86b04fb0e47484f7282357688f21d5d0e32175fe Mon Sep 17 00:00:00 2001 From: Chris Gavin Date: Fri, 13 Sep 2024 15:48:32 +0100 Subject: [PATCH 3/3] Add a warning to not specify a `token` input in most cases. --- analyze/action.yml | 2 +- upload-sarif/action.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/analyze/action.yml b/analyze/action.yml index 5ff9fc34d4..7fec8fb44f 100644 --- a/analyze/action.yml +++ b/analyze/action.yml @@ -74,7 +74,7 @@ inputs: required: true default: "true" token: - description: "GitHub token to use for authenticating with this instance of GitHub. The token must be the built-in GitHub Actions token, and the workflow must have the `security-events: write` permission." + description: "GitHub token to use for authenticating with this instance of GitHub. The token must be the built-in GitHub Actions token, and the workflow must have the `security-events: write` permission. Most of the time it is advisable to avoid specifying this input so that the workflow falls back to using the default value." required: false default: ${{ github.token }} matrix: diff --git a/upload-sarif/action.yml b/upload-sarif/action.yml index adaa2ab0ad..f4fd30f0c6 100644 --- a/upload-sarif/action.yml +++ b/upload-sarif/action.yml @@ -20,7 +20,7 @@ inputs: description: "The sha of the HEAD of the ref where results will be uploaded. If not provided, the Action will use the GITHUB_SHA environment variable. If provided, the ref input must be provided as well. This input is ignored for pull requests from forks." required: false token: - description: "GitHub token to use for authenticating with this instance of GitHub. The token must be the built-in GitHub Actions token, and the workflow must have the `security-events: write` permission." + description: "GitHub token to use for authenticating with this instance of GitHub. The token must be the built-in GitHub Actions token, and the workflow must have the `security-events: write` permission. Most of the time it is advisable to avoid specifying this input so that the workflow falls back to using the default value." required: false default: ${{ github.token }} matrix: pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy