Comments (4)
> #3013 closes this issue?

Not yet. I'm working on nodejs workflow. If everything is OK I will close it myself (else I will open another PR).
from undici.
#3013 closes this issue?
from undici.
My bad on that change. The GHA documentation is a bit bare on permissions. By not setting the global permissions, does it essentially issue a full read-write token to the workflow?
Edit: Nvm found it: https://docs.github.com/en/actions/security-guides/automatic-token-authentication
These defaults are crazy permissive.
Also just to confirm: Are job-level permissions additive to workflow-level?
For example, in nightly at the workflow level we now have:

```yaml
permissions:
  contents: read
```

then the report-failure job within that workflow:

```yaml
report-failure:
  permissions:
    issues: write
```

So there's no need to explicitly set `contents: read` in the report-failure?
from undici.
> My bad on that change. The GHA documentation is a bit bare on permissions. By not setting the global permissions, does it essentially issue a full read-write token to the workflow?

I think it depends on the GitHub permission setting (but by default yes it has read-write almost everywhere).

> Also just to confirm: Are job-level permissions additive to workflow-level?

Yes. The basic idea is to set read at the root and then assign the right permission by jobs.
You can read more here about how OpenSSF scorecard builds the score (there are also some tips and links).
from undici.
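The per-job token scopes discussed in this thread, as an added example (not code from the thread or from undici): per GitHub's documentation, a `permissions` block sets every scope it does not list to `none`, and a job-level block replaces the workflow-level one for that job. The workflow objects are constructed stand-ins for parsed YAML; `effectivePermissions`, `writeScopes` and the scope subset are names chosen here.

```javascript
// Added example. SCOPES is a subset of GITHUB_TOKEN scopes, enough for the demo.
const SCOPES = ['actions', 'checks', 'contents', 'issues', 'packages',
  'pull-requests', 'security-events', 'statuses'];

// Expand one `permissions:` value into a full scope map.
function expand(perms) {
  if (perms === 'read-all' || perms === 'write-all') {
    const level = perms === 'read-all' ? 'read' : 'write';
    return Object.fromEntries(SCOPES.map((s) => [s, level]));
  }
  // A mapping, including the empty `{}`: every scope not listed becomes "none".
  return Object.fromEntries(SCOPES.map((s) => [s, perms[s] ?? 'none']));
}

// Effective token scopes per job. `repoDefault` models the repository or
// organisation setting, which only applies when no `permissions` key is present.
function effectivePermissions(workflow, repoDefault = 'permissive') {
  const fallback = repoDefault === 'permissive'
    ? 'write-all'
    : { contents: 'read', packages: 'read' };
  const result = {};
  for (const [name, job] of Object.entries(workflow.jobs)) {
    // A job-level block replaces the workflow-level block; the two are not merged.
    result[name] = expand(job.permissions ?? workflow.permissions ?? fallback);
  }
  return result;
}

// Scopes a job can write to: the list to review when auditing a workflow.
function writeScopes(perms) {
  return SCOPES.filter((s) => perms[s] === 'write');
}

// Constructed workflows, written as already-parsed YAML.
const nightly = {
  permissions: { contents: 'read' },
  jobs: { test: {}, 'report-failure': { permissions: { issues: 'write' } } },
};
const noPermissionsKey = { jobs: { build: {} } };

for (const wf of [nightly, noPermissionsKey]) {
  for (const [job, perms] of Object.entries(effectivePermissions(wf))) {
    console.log(job, 'write:', writeScopes(perms).join(',') || '(none)',
      '| contents:', perms.contents);
  }
}
```

A job that declares its own block and also checks out the repository therefore has to list `contents: read` in that block.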