GitHub Workflows security hardening (#8267)

Signed-off-by: Alex <aleksandrosansan@gmail.com>
2022-09-26 18:54:27 +02:00
parent 8f77677193
commit 1082ccd3cc
6 changed files with 18 additions and 0 deletions
--- a/.github/workflows/jvm_tests.yml
+++ b/.github/workflows/jvm_tests.yml
@@ -2,6 +2,9 @@ name: XGBoost-JVM-Tests

 on: [push, pull_request]

+permissions:
+  contents: read # to fetch code (actions/checkout)
+
 jobs:
  test-with-jvm:
    name: Test JVM on OS ${{ matrix.os }}