From c6f36474ba9b492eea2a60930ca7304ea96176af Mon Sep 17 00:00:00 2001 From: ReenigneArcher <42013603+ReenigneArcher@users.noreply.github.com> Date: Fri, 25 Apr 2025 21:01:37 -0400 Subject: [PATCH] ci(release): increase permission for job and bump actions (#3816) --- .github/workflows/CI.yml | 12 +++++++----- .github/workflows/ci-docker.yml | 6 ++++-- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 0636112f..a202d01a 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -40,6 +40,8 @@ jobs: release_generate_release_notes: ${{ steps.setup_release.outputs.release_generate_release_notes }} release_tag: ${{ steps.setup_release.outputs.release_tag }} release_version: ${{ steps.setup_release.outputs.release_version }} + permissions: + contents: write # read does not work to check squash and merge details runs-on: ubuntu-latest steps: - name: Checkout @@ -47,7 +49,7 @@ jobs: - name: Setup Release id: setup_release - uses: LizardByte/setup-release-action@v2025.102.14715 + uses: LizardByte/setup-release-action@v2025.426.225 with: github_token: ${{ secrets.GITHUB_TOKEN }} @@ -249,7 +251,7 @@ jobs: - name: Create/Update GitHub Release if: needs.setup_release.outputs.publish_release == 'true' - uses: LizardByte/create-release-action@v2025.102.13208 + uses: LizardByte/create-release-action@v2025.426.1549 with: allowUpdates: true body: ${{ needs.setup_release.outputs.release_body }} @@ -462,7 +464,7 @@ jobs: - name: Create/Update GitHub Release if: needs.setup_release.outputs.publish_release == 'true' - uses: LizardByte/create-release-action@v2025.102.13208 + uses: LizardByte/create-release-action@v2025.426.1549 with: allowUpdates: true body: ${{ needs.setup_release.outputs.release_body }} @@ -663,7 +665,7 @@ jobs: if: >- matrix.release && needs.setup_release.outputs.publish_release == 'true' - uses: LizardByte/create-release-action@v2025.102.13208 + uses: LizardByte/create-release-action@v2025.426.1549 with: allowUpdates: true artifacts: '${{ github.workspace }}/homebrew/*' @@ -978,7 +980,7 @@ jobs: - name: Create/Update GitHub Release if: needs.setup_release.outputs.publish_release == 'true' - uses: LizardByte/create-release-action@v2025.102.13208 + uses: LizardByte/create-release-action@v2025.426.1549 with: allowUpdates: true body: ${{ needs.setup_release.outputs.release_body }} diff --git a/.github/workflows/ci-docker.yml b/.github/workflows/ci-docker.yml index a058d646..d307d369 100644 --- a/.github/workflows/ci-docker.yml +++ b/.github/workflows/ci-docker.yml @@ -114,6 +114,8 @@ jobs: release_generate_release_notes: ${{ steps.setup_release.outputs.release_generate_release_notes }} release_tag: ${{ steps.setup_release.outputs.release_tag }} release_version: ${{ steps.setup_release.outputs.release_version }} + permissions: + contents: write # read does not work to check squash and merge details runs-on: ubuntu-latest steps: - name: Checkout @@ -121,7 +123,7 @@ jobs: - name: Setup Release id: setup_release - uses: LizardByte/setup-release-action@v2025.102.14715 + uses: LizardByte/setup-release-action@v2025.426.225 with: dotnet: ${{ needs.check_dockerfiles.outputs.dotnet }} github_token: ${{ secrets.GITHUB_TOKEN }} @@ -354,7 +356,7 @@ jobs: if: > needs.setup_release.outputs.publish_release == 'true' && steps.prepare.outputs.artifacts == 'true' - uses: LizardByte/create-release-action@v2025.102.13208 + uses: LizardByte/create-release-action@v2025.426.1549 with: allowUpdates: true artifacts: "*artifacts/*"