Rohan5commit opened a new pull request, #38159:
URL: https://github.com/apache/superset/pull/38159
## Summary
Add explicit `GITHUB_TOKEN` permissions to maintenance workflows that
currently rely on implicit defaults:
- `.github/workflows/no-hold-label.yml`
- `pull-requests: read`
- `.github/workflows/pre-commit.yml`
- `contents: read`
- `.github/workflows/tech-debt.yml`
- `contents: read`
## Why
These workflows only need read access for their current steps (`checkout`,
PR label inspection via event payload/script). Declaring the scopes explicitly
improves least-privilege posture and makes required access clear.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
