docker-mailserver/.github
Naveen 13a194466b
chore: Set permissions for GitHub actions (#2555)
* chore: Set permissions for GitHub actions

 Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>

* Update docs-production-deploy.yml

* added `packages: write` permissions

this is apparently needed by GH so this repository can push new images.

Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
Co-authored-by: Casper <casperklein@users.noreply.github.com>
2022-05-11 09:51:15 +02:00
..
ISSUE_TEMPLATE scripts: remove DMS_DEBUG (#2523) 2022-04-03 13:29:10 +02:00
workflows chore: Set permissions for GitHub actions (#2555) 2022-05-11 09:51:15 +02:00
dependabot.yml Added docker to dependabot.yml config (#2316) 2021-12-11 09:58:17 +01:00
FUNDING.yml create .github/FUNDING.yml (#2512) 2022-04-02 15:56:29 +02:00
pull_request_template.md chore(docs): outsourcing environment vars to the documentation (#1948) 2021-05-11 22:15:34 +12:00