Skip to content

[ci] Scope permissions for runtime_commit_artifacts.yml#32701

Merged
poteto merged 1 commit intomainfrom
pr32701
Mar 21, 2025
Merged

[ci] Scope permissions for runtime_commit_artifacts.yml#32701
poteto merged 1 commit intomainfrom
pr32701

Conversation

@poteto
Copy link
Copy Markdown
Contributor

@poteto poteto commented Mar 21, 2025
edited
Loading

By default the github token is used with write-all permissions. Let's scope it down to just what we need.

https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#permissions

Stack created with Sapling. Best reviewed with ReviewStack.

@github-actions github-actions Bot added the React Core Team Opened by a member of the React Core Team label Mar 21, 2025
@react-sizebot
Copy link
Copy Markdown

react-sizebot commented Mar 21, 2025
edited
Loading

Comparing: e1e7407...a47ab6d

Critical size changes

Includes critical production bundles, as well as any change greater than 2%:

Name +/- Base Current +/- gzip Base gzip Current gzip
oss-stable/react-dom/cjs/react-dom.production.js = 6.68 kB 6.68 kB +0.05% 1.83 kB 1.83 kB
oss-stable/react-dom/cjs/react-dom-client.production.js = 517.29 kB 517.29 kB = 92.26 kB 92.26 kB
oss-experimental/react-dom/cjs/react-dom.production.js = 6.69 kB 6.69 kB +0.05% 1.83 kB 1.83 kB
oss-experimental/react-dom/cjs/react-dom-client.production.js = 617.68 kB 617.68 kB = 109.55 kB 109.55 kB
facebook-www/ReactDOM-prod.classic.js = 653.74 kB 653.74 kB = 115.19 kB 115.20 kB
facebook-www/ReactDOM-prod.modern.js = 644.02 kB 644.02 kB = 113.61 kB 113.61 kB

Significant size changes

Includes any change greater than 0.2%:

(No significant changes)

Generated by 🚫 dangerJS against a47ab6d

@poteto
[ci] Scope permissions for runtime_commit_artifacts.yml
a47ab6d 
By default the github token is used with write-all permissions. Let's scope it down to just what we need.

https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#permissions
@poteto poteto mentioned this pull request Mar 21, 2025
Merged
josephsavona
josephsavona approved these changes Mar 21, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@josephsavona josephsavona left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not an expert here but this makes sense

@poteto
Copy link
Copy Markdown
Contributor Author

poteto commented Mar 21, 2025

Test (dry) run: https://github.com/facebook/react/actions/runs/13998311423

@poteto poteto merged commit 607615f into main Mar 21, 2025
@poteto poteto deleted the pr32701 branch March 21, 2025 18:40
@vercel-release-bot vercel-release-bot mentioned this pull request Mar 25, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@josephsavona josephsavona josephsavona approved these changes

Assignees

No one assigned

Labels

CLA Signed React Core Team Opened by a member of the React Core Team

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@poteto @react-sizebot @josephsavona @facebook-github-bot