README
@pkgdeps/update-github-actions-permissions
Update GitHub Actions' permissions automatically.
Features
- Detect the Actions in use and add a permissions field to your action yaml file
- Support 40+ GitHub Actions
Install
Install with npm:
npm install @pkgdeps/update-github-actions-permissions --global
or
npx @pkgdeps/update-github-actions-permissions ".github/workflows/*.{yaml,yml}"
Usage
Usage
$ update-github-actions-permissions "[file|glob]"
Options
--defaultPermissions [String] "write-all" or "read-all". Default: "write-all"
--verbose [Boolean] If enable verbose, output debug info.
Examples
$ update-github-actions-permissions ".github/workflows/test.yml"
# multiple inputs
$ update-github-actions-permissions ".github/workflows/test.yml" ".github/workflows/publish.yml"
$ update-github-actions-permissions ".github/workflows/*.{yml,yaml}"
Add existing action's permissions
This tool manages permissions in actions.yml.
If you want to improve the permissions definitions, please edit actions.yml.
- Edit actions.yml
- Submit a Pull Request
Detection logic
- Read your workflow file
- Collect uses actions or env which is using ${{ secrets.GITHUB_TOKEN }}
- Match actions with actions.yml
- If unknown actions are found, write defaultPermissions (permissions: write-all) to the workflow file.
- If env usage is found, write defaultPermissions (permissions: write-all) to the workflow file.
  - Note: NODE_AUTH_TOKEN is a special pattern. Currently it is treated as contents: read and packages: write.
- Else, put permissions: <combined permissions> to the workflow file.
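The detection steps above, sketched as an added example (not the project's own code). KNOWN_ACTIONS is a hypothetical stand-in for actions.yml with assumed entries, the workflow is scanned line by line instead of being parsed as YAML, and merging the NODE_AUTH_TOKEN scopes into the combined result is an assumption.

```javascript
// Added example. KNOWN_ACTIONS is a hypothetical stand-in for the project's actions.yml.
const KNOWN_ACTIONS = new Map([
  ["actions/checkout", { contents: "read" }], // assumed entry
  ["actions/setup-node", {}],                 // assumed entry: needs no token scope
]);
const RANK = { none: 0, read: 1, write: 2 };

// Step 2a: "uses: owner/repo@ref" -> "owner/repo" (line scan, not a YAML parse).
function collectUses(text) {
  const re = /^[ \t]*(?:-[ \t]*)?uses:[ \t]*["']?([^@\s"']+)/gm;
  return [...new Set([...text.matchAll(re)].map((m) => m[1]))];
}

// Step 2b: names of variables whose value is ${{ secrets.GITHUB_TOKEN }}.
function collectTokenEnv(text) {
  const re = /^[ \t]*([A-Za-z_]\w*):[ \t]*["']?\$\{\{\s*secrets\.GITHUB_TOKEN\s*\}\}/gm;
  return [...text.matchAll(re)].map((m) => m[1]);
}

// Steps 3-6: returns "write-all"/"read-all" or an object of combined scopes.
function computePermissions(text, defaultPermissions = "write-all") {
  const uses = collectUses(text);
  if (uses.some((name) => !KNOWN_ACTIONS.has(name))) return defaultPermissions;
  const combined = {};
  const merge = (perms) => {
    for (const [scope, level] of Object.entries(perms)) {
      if (!(scope in combined) || RANK[level] > RANK[combined[scope]]) combined[scope] = level;
    }
  };
  for (const name of collectTokenEnv(text)) {
    if (name !== "NODE_AUTH_TOKEN") return defaultPermissions;
    merge({ contents: "read", packages: "write" }); // special case from the README
  }
  uses.forEach((name) => merge(KNOWN_ACTIONS.get(name)));
  return combined;
}

// Constructed sample workflow (\$ keeps the template literal from interpolating).
const PUBLISH = `
jobs:
  publish:
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
      - run: npm publish
        env:
          NODE_AUTH_TOKEN: \${{ secrets.GITHUB_TOKEN }}
`;
console.log(computePermissions(PUBLISH));
```

With the default of write-all, a single unlisted action leaves the whole workflow with a fully scoped token; passing "read-all" as the second argument mirrors --defaultPermissions read-all.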
Changelog
See Releases page.
Running tests
Install devDependencies and run npm test:
npm test
Contributing
Pull requests and stars are always welcome.
For bugs and feature requests, please create an issue.
- Fork it!
- Create your feature branch: git checkout -b my-new-feature
- Commit your changes: git commit -am 'Add some feature'
- Push to the branch: git push origin my-new-feature
- Submit a pull request :D
Author
License
MIT © azu