From 070388a42b2e7700a30cf07bc793664942642a17 Mon Sep 17 00:00:00 2001 From: oSumAtrIX Date: Mon, 30 Sep 2024 23:41:48 +0200 Subject: [PATCH] ci: Use permissions and regular GitHub token instead of PAT --- .github/workflows/pull_strings.yml | 4 +++- .github/workflows/push_strings.yml | 1 - .github/workflows/release.yml | 5 ++++- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pull_strings.yml b/.github/workflows/pull_strings.yml index e1d931932..dfed101ef 100644 --- a/.github/workflows/pull_strings.yml +++ b/.github/workflows/pull_strings.yml @@ -8,6 +8,8 @@ on: jobs: pull: name: Pull strings + permissions: + contents: write runs-on: ubuntu-latest steps: - name: Checkout @@ -30,6 +32,6 @@ jobs: github_user_name: revanced-bot github_user_email: github@revanced.app env: - GITHUB_TOKEN: ${{ secrets.REPOSITORY_PUSH_ACCESS }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} CROWDIN_PROJECT_ID: ${{ secrets.CROWDIN_PROJECT_ID }} CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }} diff --git a/.github/workflows/push_strings.yml b/.github/workflows/push_strings.yml index 27c294cf7..a04af2499 100644 --- a/.github/workflows/push_strings.yml +++ b/.github/workflows/push_strings.yml @@ -24,6 +24,5 @@ jobs: config: crowdin.yml upload_sources: true env: - GITHUB_TOKEN: ${{ secrets.REPOSITORY_PUSH_ACCESS }} CROWDIN_PROJECT_ID: ${{ secrets.CROWDIN_PROJECT_ID }} CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8cf1d3a61..b210aad5c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -10,6 +10,9 @@ on: jobs: release: name: Release + permissions: + contents: write + packages: write runs-on: ubuntu-latest steps: - name: Checkout @@ -46,5 +49,5 @@ jobs: - name: Release env: - GITHUB_TOKEN: ${{ secrets.REPOSITORY_PUSH_ACCESS }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: npm exec semantic-release