Clean up workflows

This commit is contained in:
Mara Nikola Kiefer
2026-04-13 19:56:19 +02:00
parent 5f7398049f
commit 98671d31fb
9 changed files with 34 additions and 21 deletions
+5 -3
View File
@@ -17,9 +17,11 @@ on:
# Only trigger for failures - check in the workflow body
if: ${{ github.event.workflow_run.conclusion == 'failure' }}
permissions: read-all
network: defaults
permissions:
contents: read
actions: read
issues: read
checks: read
safe-outputs:
create-issue:
+4 -1
View File
@@ -14,7 +14,10 @@ network:
- rust
- java
permissions: read-all
permissions:
contents: read
pull-requests: read
issues: read
tracker-id: code-simplifier
-2
View File
@@ -22,8 +22,6 @@ permissions:
tools:
github:
toolsets: [default]
edit:
bash: true
timeout-minutes: 30
-2
View File
@@ -15,8 +15,6 @@ permissions:
issues: read
pull-requests: read
network: defaults
tools:
github:
# If in a public repo, setting `lockdown: false` allows
-2
View File
@@ -16,8 +16,6 @@ permissions:
issues: read
pull-requests: read
network: defaults
tools:
github:
min-integrity: none # This workflow is allowed to examine and comment on any issues
+8 -2
View File
@@ -20,7 +20,14 @@ on:
timeout-minutes: 30
permissions: read-all
permissions:
contents: read
issues: read
pull-requests: read
checks: read
actions: read
discussions: read
security-events: read
network:
allowed:
@@ -57,7 +64,6 @@ safe-outputs:
tools:
web-fetch:
bash: true
github:
toolsets: [all]
repo-memory: true
+3 -3
View File
@@ -12,9 +12,9 @@ on:
types: [opened, reopened]
reaction: eyes
permissions: read-all
network: defaults
permissions:
contents: read
issues: read
safe-outputs:
add-labels:
+6 -4
View File
@@ -12,13 +12,15 @@ on:
name: pr-fix
reaction: "eyes"
permissions: read-all
network: defaults
permissions:
contents: read
pull-requests: read
actions: read
checks: read
issues: read
tools:
web-fetch:
bash: true
github:
min-integrity: none # This workflow is allowed to examine any PR because it's invoked by a repo maintainer
+8 -2
View File
@@ -23,7 +23,14 @@ on:
timeout-minutes: 60
permissions: read-all
permissions:
contents: read
issues: read
pull-requests: read
checks: read
actions: read
discussions: read
security-events: read
network:
allowed:
@@ -43,7 +50,6 @@ tools:
github:
toolsets: [all]
min-integrity: none # This workflow is allowed to examine and comment on any issues or PRs
bash: true
repo-memory: true
safe-outputs: