chore: add explicit permissions to GitHub Actions workflows (#3807)

Fixes code scanning alerts #1, #2, #3, #4
(actions/missing-workflow-permissions).

- retry-workflow.yml rerun job: actions: write (to rerun workflows)
- upload-to-r2.yml upload-to-r2 job: contents: read (to download releases)
- upload-to-r2.yml retry-on-failure job: actions: write (to trigger retry)
- release.yml upload-to-r2 job: contents: read, actions: write

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This commit is contained in:
Huang Xin
2026-04-09 13:33:25 +08:00
committed by GitHub
parent e43e533aca
commit d7fd06ca82
3 changed files with 9 additions and 0 deletions
+2
View File
@@ -8,6 +8,8 @@ on:
jobs:
rerun:
runs-on: ubuntu-latest
permissions:
actions: write
steps:
- name: rerun ${{ inputs.run_id }}
env: