diff --git a/.github/workflows/build-rpm-arm64.yml b/.github/workflows/build-rpm-arm64.yml index 6ee2ca3..6ab0735 100644 --- a/.github/workflows/build-rpm-arm64.yml +++ b/.github/workflows/build-rpm-arm64.yml @@ -5,6 +5,9 @@ on: types: [published] workflow_dispatch: +permissions: + contents: write + jobs: ci: name: "${{ matrix.target }}" diff --git a/.github/workflows/build-rpm-armhf.yml b/.github/workflows/build-rpm-armhf.yml index e3e05ea..2a586e1 100644 --- a/.github/workflows/build-rpm-armhf.yml +++ b/.github/workflows/build-rpm-armhf.yml @@ -5,6 +5,9 @@ on: types: [published] workflow_dispatch: +permissions: + contents: write + jobs: ci: name: "${{ matrix.target }}" diff --git a/.github/workflows/build-rpm-x86-64.yml b/.github/workflows/build-rpm-x86-64.yml index 11a6442..a6a3dba 100644 --- a/.github/workflows/build-rpm-x86-64.yml +++ b/.github/workflows/build-rpm-x86-64.yml @@ -5,6 +5,9 @@ on: types: [published] workflow_dispatch: +permissions: + contents: write + jobs: ci: name: "${{ matrix.target }}" diff --git a/.github/workflows/build-watcom.yml b/.github/workflows/build-watcom.yml index 73541fe..648f370 100644 --- a/.github/workflows/build-watcom.yml +++ b/.github/workflows/build-watcom.yml @@ -5,6 +5,9 @@ on: types: [published] workflow_dispatch: +permissions: + contents: write + jobs: ci: name: "${{ matrix.target }}" diff --git a/.github/workflows/build-win32.yml b/.github/workflows/build-win32.yml index e7b14c3..10eaf21 100644 --- a/.github/workflows/build-win32.yml +++ b/.github/workflows/build-win32.yml @@ -5,6 +5,9 @@ on: types: [published] workflow_dispatch: +permissions: + contents: write + jobs: ci: name: "${{ matrix.target }}" diff --git a/.github/workflows/build-win64.yml b/.github/workflows/build-win64.yml index c6ab8ce..fb91517 100644 --- a/.github/workflows/build-win64.yml +++ b/.github/workflows/build-win64.yml @@ -5,6 +5,9 @@ on: types: [published] workflow_dispatch: +permissions: + contents: write + jobs: ci: name: "${{ matrix.target }}" diff --git a/.github/workflows/build-winarm64.yml b/.github/workflows/build-winarm64.yml index 9e8198c..c042960 100644 --- a/.github/workflows/build-winarm64.yml +++ b/.github/workflows/build-winarm64.yml @@ -5,6 +5,9 @@ on: types: [published] workflow_dispatch: +permissions: + contents: write + jobs: ci: name: "${{ matrix.target }}" diff --git a/.github/workflows/c-cpp-Linux.yml b/.github/workflows/c-cpp-Linux.yml index c26ec16..98dfc16 100644 --- a/.github/workflows/c-cpp-Linux.yml +++ b/.github/workflows/c-cpp-Linux.yml @@ -2,10 +2,14 @@ name: C/C++ CI Linux on: push: - branches: [ "master" ] paths: [ '**.c', '**.h', 'Makefile.Linux', '.github/configs', '.github/workflows/c-cpp-Linux.yml' ] + pull_request: + paths: [ "**.c", "**.h", "Makefile.Linux", ".github/configs", ".github/workflows/c-cpp-Linux.yml" ] workflow_dispatch: +permissions: + contents: read + jobs: ci: name: "${{ matrix.target }}" diff --git a/.github/workflows/c-cpp-MacOS.yml b/.github/workflows/c-cpp-MacOS.yml index 2b618a2..6989bea 100644 --- a/.github/workflows/c-cpp-MacOS.yml +++ b/.github/workflows/c-cpp-MacOS.yml @@ -2,10 +2,14 @@ name: C/C++ CI MacOS on: push: - branches: [ "master" ] paths: [ '**.c', '**.h', 'Makefile.FreeBSD', '.github/configs', '.github/workflows/c-cpp-MacOS.yml' ] + pull_request: + paths: [ "**.c", "**.h", "Makefile.FreeBSD", ".github/configs", ".github/workflows/c-cpp-MacOS.yml" ] workflow_dispatch: +permissions: + contents: read + jobs: ci: name: "${{ matrix.target }}" diff --git a/.github/workflows/c-cpp-Windows.yml b/.github/workflows/c-cpp-Windows.yml index 83aa8e8..4fa80b0 100644 --- a/.github/workflows/c-cpp-Windows.yml +++ b/.github/workflows/c-cpp-Windows.yml @@ -2,10 +2,14 @@ name: C/C++ CI Windows on: push: - branches: [ "master" ] paths: [ '**.c', '**.h', 'Makefile.msvc', '.github/configs', '.github/workflows/c-cpp-Windows.yml' ] + pull_request: + paths: [ "**.c", "**.h", "Makefile.msvc", ".github/configs", ".github/workflows/c-cpp-Windows.yml" ] workflow_dispatch: +permissions: + contents: read + jobs: ci: name: "${{ matrix.target }}" diff --git a/.github/workflows/c-cpp-cmake.yml b/.github/workflows/c-cpp-cmake.yml index ac0af19..89585a0 100644 --- a/.github/workflows/c-cpp-cmake.yml +++ b/.github/workflows/c-cpp-cmake.yml @@ -2,10 +2,14 @@ name: C/C++ CI cmake on: push: - branches: [ "master", "unix_socket" ] paths: [ '**.c', '**.h', '**.cmake', 'CMakeLists.txt', '.github/configs', '.github/workflows/c-cpp-cmake.yml' ] + pull_request: + paths: [ "**.c", "**.h", "**.cmake", "CMakeLists.txt", ".github/configs", ".github/workflows/c-cpp-cmake.yml" ] workflow_dispatch: +permissions: + contents: read + jobs: ci: name: "${{ matrix.target }}" diff --git a/.github/workflows/docker-ghcr.yml b/.github/workflows/docker-ghcr.yml index b4005df..bccbe8b 100644 --- a/.github/workflows/docker-ghcr.yml +++ b/.github/workflows/docker-ghcr.yml @@ -5,6 +5,10 @@ on: types: [published] workflow_dispatch: +permissions: + contents: read + packages: write + env: REGISTRY: ghcr.io IMAGE_NAME: ${{ github.repository }} @@ -13,9 +17,6 @@ jobs: build: name: Build and push Docker images runs-on: ubuntu-latest - permissions: - contents: read - packages: write steps: - name: Checkout uses: actions/checkout@v5 diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index df1ac87..da54520 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -5,6 +5,9 @@ on: types: [published] workflow_dispatch: +permissions: + contents: read + env: REGISTRY: docker.io IMAGE_NAME: 3proxy/3proxy @@ -13,8 +16,6 @@ jobs: build: name: Build and push Docker images runs-on: ubuntu-latest - permissions: - contents: read steps: - name: Checkout uses: actions/checkout@v5