From 52091c8344e555e159df4223abe6dde79bce9fab Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 26 Sep 2025 17:17:48 +0000 Subject: [PATCH 1/2] Initial plan From ca1d0b534d28728a58a24efa8bedb3ecf9ea2d7b Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 26 Sep 2025 17:22:58 +0000 Subject: [PATCH 2/2] Fix workflow permissions for private repositories Co-authored-by: Ninja3047 <1284324+Ninja3047@users.noreply.github.com> --- .github/workflows/tests.yml | 3 ++- .github/workflows/zizmor.yml | 3 ++- {{cookiecutter.project_slug}}/.github/workflows/docs.yml | 3 ++- {{cookiecutter.project_slug}}/.github/workflows/lint.yml | 3 ++- {{cookiecutter.project_slug}}/.github/workflows/release.yml | 3 ++- {{cookiecutter.project_slug}}/.github/workflows/tests.yml | 3 ++- {{cookiecutter.project_slug}}/.github/workflows/zizmor.yml | 3 ++- 7 files changed, 14 insertions(+), 7 deletions(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 72f6d98..0bb89ef 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -6,7 +6,8 @@ on: - main pull_request: -permissions: {} +permissions: + contents: read # needed for checkout in private repos jobs: self-test: diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index 63b106e..98b795c 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -6,7 +6,8 @@ on: pull_request: branches: ["**"] -permissions: {} +permissions: + contents: read # needed for checkout in private repos jobs: zizmor: diff --git a/{{cookiecutter.project_slug}}/.github/workflows/docs.yml b/{{cookiecutter.project_slug}}/.github/workflows/docs.yml index ed2d8f1..9962cda 100644 --- a/{{cookiecutter.project_slug}}/.github/workflows/docs.yml +++ b/{{cookiecutter.project_slug}}/.github/workflows/docs.yml @@ -5,7 +5,8 @@ on: branches: - main -permissions: {} +permissions: + contents: read # needed for checkout in private repos jobs: build: diff --git a/{{cookiecutter.project_slug}}/.github/workflows/lint.yml b/{{cookiecutter.project_slug}}/.github/workflows/lint.yml index 455904d..9f2473c 100644 --- a/{{cookiecutter.project_slug}}/.github/workflows/lint.yml +++ b/{{cookiecutter.project_slug}}/.github/workflows/lint.yml @@ -6,7 +6,8 @@ on: - main pull_request: -permissions: {} +permissions: + contents: read # needed for checkout in private repos jobs: lint: diff --git a/{{cookiecutter.project_slug}}/.github/workflows/release.yml b/{{cookiecutter.project_slug}}/.github/workflows/release.yml index 7d4e885..2dbbc63 100644 --- a/{{cookiecutter.project_slug}}/.github/workflows/release.yml +++ b/{{cookiecutter.project_slug}}/.github/workflows/release.yml @@ -5,7 +5,8 @@ on: name: release -permissions: {} +permissions: + contents: read # needed for checkout in private repos jobs: build: diff --git a/{{cookiecutter.project_slug}}/.github/workflows/tests.yml b/{{cookiecutter.project_slug}}/.github/workflows/tests.yml index 89d4c92..ff524e8 100644 --- a/{{cookiecutter.project_slug}}/.github/workflows/tests.yml +++ b/{{cookiecutter.project_slug}}/.github/workflows/tests.yml @@ -6,7 +6,8 @@ on: - main pull_request: -permissions: {} +permissions: + contents: read # needed for checkout in private repos jobs: test: diff --git a/{{cookiecutter.project_slug}}/.github/workflows/zizmor.yml b/{{cookiecutter.project_slug}}/.github/workflows/zizmor.yml index 63b106e..98b795c 100644 --- a/{{cookiecutter.project_slug}}/.github/workflows/zizmor.yml +++ b/{{cookiecutter.project_slug}}/.github/workflows/zizmor.yml @@ -6,7 +6,8 @@ on: pull_request: branches: ["**"] -permissions: {} +permissions: + contents: read # needed for checkout in private repos jobs: zizmor: