From 86eeff0e685cde6c19dd05abbfe83155cc238e52 Mon Sep 17 00:00:00 2001 From: Frazer Smith Date: Tue, 22 Nov 2022 18:28:47 +0000 Subject: [PATCH] ci: remove git credentials after checkout (#5235) Co-authored-by: Jay --- .github/workflows/ci.yml | 2 ++ .github/workflows/codeql-analysis.yml | 2 ++ .github/workflows/depsreview.yaml | 2 ++ 3 files changed, 6 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3b2814d0..fd9a2786 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,6 +19,8 @@ jobs: steps: - uses: actions/checkout@v3 + with: + persist-credentials: false - name: Setup node uses: actions/setup-node@v3 with: diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index cc6b8aee..1c267c31 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -25,6 +25,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v3 + with: + persist-credentials: false # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/depsreview.yaml b/.github/workflows/depsreview.yaml index da99d0c5..3cda87cd 100644 --- a/.github/workflows/depsreview.yaml +++ b/.github/workflows/depsreview.yaml @@ -10,5 +10,7 @@ jobs: steps: - name: 'Checkout Repository' uses: actions/checkout@v3 + with: + persist-credentials: false - name: 'Dependency Review' uses: actions/dependency-review-action@v3