Add step to warn about unnecessary write permissions

Probes the github-token for write access to actions, checks, contents,
deployments, issues, packages, pages, pull-requests, security-events,
and statuses. Emits a visible warning if any write scopes are detected.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This commit is contained in:
Devraj Mehta
2026-03-14 10:01:21 -04:00
parent f070e091bc
commit 0d854367d9
2 changed files with 53 additions and 1 deletions
+1 -1
View File
@@ -9,7 +9,7 @@ steps:
- uses: actions/setup-copilot@v0
with:
version: "latest" # optional, defaults to "latest"
github-token: ${{ secrets.COPILOT_TOKEN }} # optional, defaults to github.token
github-token: ${{ secrets.GITHUB_TOKEN }} # optional, defaults to github.token
- run: copilot --version
```