Skip to content

ci: use GitHub App token#11938

Closed
DariuszPorowski wants to merge 0 commit into
kachawla/contrib-sync-workflowfrom
dp/selected-wildebeest-blush
Closed

ci: use GitHub App token#11938
DariuszPorowski wants to merge 0 commit into
kachawla/contrib-sync-workflowfrom
dp/selected-wildebeest-blush

Conversation

@DariuszPorowski

Copy link
Copy Markdown
Member

No description provided.

@DariuszPorowski DariuszPorowski requested a review from kachawla May 19, 2026 15:25
@DariuszPorowski DariuszPorowski self-assigned this May 19, 2026
@DariuszPorowski DariuszPorowski requested review from a team as code owners May 19, 2026 15:25
@github-actions

Copy link
Copy Markdown

This PR requires exactly 1 of the following labels: pr:standard, pr:important.
Currently applied labels: .

Label descriptions:

  • pr:important - Major features, breaking changes, deprecations, or other high-impact changes that need special attention during release.
  • pr:standard - Ongoing maintenance, minor improvements, documentation updates, and routine development work.

@DariuszPorowski, please add the appropriate label to this PR before merging.

@github-actions

Copy link
Copy Markdown

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
actions/actions/create-github-app-token bcd2ba49218906704ab6c1aa796996da409d3eb1 🟢 6.1
Details
CheckScoreReason
Code-Review⚠️ 2Found 3/14 approved changesets -- score normalized to 2
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Maintained🟢 1030 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies🟢 7dependency not pinned by hash detected -- score normalized to 7
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 9security policy file detected
SAST🟢 6SAST tool is not run on all commits -- score normalized to 6
Branch-Protection🟢 6branch protection is not maximal on development and all release branches

Scanned Files

  • .github/workflows/contrib-update-resource-types.yaml

@kachawla

Copy link
Copy Markdown
Member

thanks @DariuszPorowski. Added these changes to #11916

@DariuszPorowski DariuszPorowski force-pushed the dp/selected-wildebeest-blush branch from b64d5f9 to b7bca2c Compare May 19, 2026 16:36
@DariuszPorowski DariuszPorowski deleted the dp/selected-wildebeest-blush branch May 19, 2026 16:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants