fix: Update permissions in workflows to use specific access levels (#10)

woopstar · web-flow · commit df981e985f1c · 2025-07-09T11:05:55.000+02:00
Adjust permissions in workflows to specify access levels, enhancing
security and functionality for release and label synchronization
processes.
diff --git a/.github/workflows/defender-for-devops.yml b/.github/workflows/defender-for-devops.yml
@@ -32,7 +32,7 @@ jobs:
   MSDO:
     # currently only windows latest is supported
     runs-on: windows-latest
-
+    permissions: write-all
     steps:
     - uses: actions/checkout@v4.2.2
     - uses: actions/setup-dotnet@v4.3.1
diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml
@@ -16,6 +16,7 @@ jobs:
   update_release_draft:
     name: Update release draft
     runs-on: ubuntu-latest
+    permissions: write-all
     steps:
       - name: Checkout
         uses: actions/checkout@v4
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -11,9 +11,10 @@ env:
   COMPONENT_DIR: hsem
 
 jobs:
-  release_zip_file:
+  release_file:
     name: Prepare release asset
     runs-on: ubuntu-latest
+    permissions: write-all
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
diff --git a/.github/workflows/sync-labels.yaml b/.github/workflows/sync-labels.yaml
@@ -15,6 +15,7 @@ jobs:
   labels:
     name: ♻️ Sync labels
     runs-on: ubuntu-latest
+    permissions: write-all
     steps:
       - name: ⤵️ Check out code from GitHub
         uses: actions/checkout@v4.2.2
