diff --git a/.github/workflow-templates/fe/fe-check-upmerge.yml b/.github/workflow-templates/fe/fe-check-upmerge.yml index d89c0d73..3c7b6a35 100644 --- a/.github/workflow-templates/fe/fe-check-upmerge.yml +++ b/.github/workflow-templates/fe/fe-check-upmerge.yml @@ -4,7 +4,11 @@ on: # Runs "At 18:00 every day" (see https://crontab.guru) - cron: '0 18 * * *' -permissions: write-all +permissions: + contents: write + pull-requests: write + actions: read + checks: write jobs: check-upmerge: diff --git a/.github/workflow-templates/fe/fe-cleanup-snapshots.yml b/.github/workflow-templates/fe/fe-cleanup-snapshots.yml index e65ab792..90b80a57 100644 --- a/.github/workflow-templates/fe/fe-cleanup-snapshots.yml +++ b/.github/workflow-templates/fe/fe-cleanup-snapshots.yml @@ -4,7 +4,11 @@ on: # Runs "At 00:00 on day-of-month 28 in every 3rd month." (see https://crontab.guru) - cron: '0 0 28 */3 *' -permissions: write-all +permissions: + contents: write + pull-requests: write + actions: read + checks: write jobs: cleanup-snapshots: diff --git a/.github/workflow-templates/fe/fe-licenses.yml b/.github/workflow-templates/fe/fe-licenses.yml index b6d4dff9..bf2a5389 100644 --- a/.github/workflow-templates/fe/fe-licenses.yml +++ b/.github/workflow-templates/fe/fe-licenses.yml @@ -5,7 +5,11 @@ on: - 'package.json' - 'package-lock.json' -permissions: write-all +permissions: + contents: write + pull-requests: write + actions: read + checks: write env: NX_BRANCH: ${{ github.event.number }} diff --git a/.github/workflow-templates/fe/fe-main.yml b/.github/workflow-templates/fe/fe-main.yml index 662b4e50..f915310d 100644 --- a/.github/workflow-templates/fe/fe-main.yml +++ b/.github/workflow-templates/fe/fe-main.yml @@ -5,7 +5,11 @@ on: - main - master -permissions: write-all +permissions: + contents: write + pull-requests: write + actions: read + checks: write env: NX_BRANCH: ${{ github.event.number }} diff --git a/.github/workflow-templates/fe/fe-pr-close.yml b/.github/workflow-templates/fe/fe-pr-close.yml index 050e79a3..8f16fd8a 100644 --- a/.github/workflow-templates/fe/fe-pr-close.yml +++ b/.github/workflow-templates/fe/fe-pr-close.yml @@ -5,7 +5,11 @@ on: branches: - '**' -permissions: write-all +permissions: + contents: write + pull-requests: write + actions: read + checks: write jobs: remove-artifacts: diff --git a/.github/workflow-templates/fe/fe-pr-snapshot.yml b/.github/workflow-templates/fe/fe-pr-snapshot.yml index 5bd16714..7020269d 100644 --- a/.github/workflow-templates/fe/fe-pr-snapshot.yml +++ b/.github/workflow-templates/fe/fe-pr-snapshot.yml @@ -5,7 +5,11 @@ on: branches: - '**' -permissions: write-all +permissions: + contents: write + pull-requests: write + actions: read + checks: write jobs: publish-pr-snapshot: diff --git a/.github/workflow-templates/fe/fe-pr.yml b/.github/workflow-templates/fe/fe-pr.yml index 01060c42..9432f61e 100644 --- a/.github/workflow-templates/fe/fe-pr.yml +++ b/.github/workflow-templates/fe/fe-pr.yml @@ -4,7 +4,11 @@ on: branches: - '**' -permissions: write-all +permissions: + contents: write + pull-requests: write + actions: read + checks: write env: NX_BRANCH: ${{ github.event.number }} diff --git a/.github/workflow-templates/fe/fe-release.yml b/.github/workflow-templates/fe/fe-release.yml index 3d67603a..5afbc5e3 100644 --- a/.github/workflow-templates/fe/fe-release.yml +++ b/.github/workflow-templates/fe/fe-release.yml @@ -4,7 +4,11 @@ on: branches: - 'release/*' -permissions: write-all +permissions: + contents: write + pull-requests: write + actions: read + checks: write env: NX_BRANCH: ${{ github.event.number }} diff --git a/.github/workflow-templates/fe/fe-tag-pushed.yml b/.github/workflow-templates/fe/fe-tag-pushed.yml index ad46531f..afd639ad 100644 --- a/.github/workflow-templates/fe/fe-tag-pushed.yml +++ b/.github/workflow-templates/fe/fe-tag-pushed.yml @@ -4,7 +4,11 @@ on: tags: - '*/*' -permissions: write-all +permissions: + contents: write + pull-requests: write + actions: read + checks: write env: NX_BRANCH: ${{ github.event.number }}