Documentation for GITHUB_TOKEN required permissions #491
Labels
bug
Something isn't working
Comments
|
The action must read the issues and pull requests. It must also be able to write to a pull request or issue. This means you have to specify the following permissions: permissions:
issues: write
pull-requests: writeI want to create a pull request to add this information to the README. |
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
No clear way to identify required permissions for GITHUB_TOKEN when org level permissions are set to readonly by default.
Please add documentation for required permissions.
Specifying required permissions for github action should be standard.
By default, github sets GITHUB_TOKEN's permissions to all writes. For security purposes companies change these permissions to readonly and override to write where needed in github action workflows.
https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#permissions
The text was updated successfully, but these errors were encountered: