[PATCH] D143535: github: Add manual workflow to build and upload release binaries
Joyce via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Fri Feb 17 05:26:46 PST 2023
joycebrum added a comment.
I've add some comments about better scoped permissions.
================
Comment at: .github/workflows/release-binaries.yml:18
+permissions:
+ contents: write # To upload assets to release.
+
----------------
Top level permissions should always be read only.
================
Comment at: .github/workflows/release-binaries.yml:62
+ name: ${{ matrix.target.triple }}
+ needs: prepare
+ runs-on: ${{ matrix.target.runs-on }}
----------------
Write permissions should be given on run level (jobs).
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D143535/new/
https://reviews.llvm.org/D143535
More information about the llvm-commits
mailing list