diff options
| author | laurentsimon <64505099+laurentsimon@users.noreply.github.com> | 2023-04-18 05:44:23 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-04-18 07:44:23 -0500 |
| commit | f8fada5ed479e0e6b8440c819632b3a8c040cf65 (patch) | |
| tree | fd220f66268be81e3ab8b73fc3a11751c378d5bc /.github | |
| parent | 23cf6a4b5dd43693f2e5f62eba718a102e3d768c (diff) | |
| download | urllib3-f8fada5ed479e0e6b8440c819632b3a8c040cf65.tar.gz | |
Remove id-token permission from SLSA build part
Diffstat (limited to '.github')
| -rw-r--r-- | .github/workflows/publish.yml | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index e7221c68..896350ed 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -6,9 +6,7 @@ on: - "*" permissions: - contents: "read" - # Needed to access the workflow's OIDC identity. - id-token: "write" + contents: read jobs: build: @@ -54,7 +52,7 @@ jobs: permissions: actions: read contents: write - id-token: write + id-token: write # Needed to access the workflow's OIDC identity. uses: "slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.5.0" with: base64-subjects: "${{ needs.build.outputs.hashes }}" |