Skip to content

Commit a1740d8

Browse files
hugovkhugovk
committed
Tighten permissions
1 parent 1e4b09e commit a1740d8

File tree

1 file changed

+6
-1
lines changed

1 file changed

+6
-1
lines changed

.github/workflows/pypi-package.yml

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,6 @@ on:
1313

1414
permissions:
1515
contents: read
16-
id-token: write
1716

1817
jobs:
1918
# Always build & lint package.
@@ -35,6 +34,9 @@ jobs:
3534
runs-on: ubuntu-latest
3635
needs: build-package
3736

37+
permissions:
38+
id-token: write
39+
3840
steps:
3941
- name: Download packages built by build-and-inspect-python-package
4042
uses: actions/download-artifact@v3
@@ -55,6 +57,9 @@ jobs:
5557
runs-on: ubuntu-latest
5658
needs: build-package
5759

60+
permissions:
61+
id-token: write
62+
5863
steps:
5964
- name: Download packages built by build-and-inspect-python-package
6065
uses: actions/download-artifact@v3

0 commit comments

Comments
 (0)