From 586ba1a5efd7e4b3f7a0524546a17c1ebea701e7 Mon Sep 17 00:00:00 2001 From: Sergei Predvoditelev Date: Sun, 12 Jul 2026 17:21:11 +0300 Subject: [PATCH] Cleanup GitHub workflows --- .github/workflows/rector-cs.yml | 2 ++ .github/workflows/zizmor.yml | 16 ++++++---------- 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/.github/workflows/rector-cs.yml b/.github/workflows/rector-cs.yml index 5707806..0361220 100644 --- a/.github/workflows/rector-cs.yml +++ b/.github/workflows/rector-cs.yml @@ -19,6 +19,8 @@ concurrency: jobs: rector: + permissions: + contents: write # Required to commit automated Rector and CS fixes uses: yiisoft/actions/.github/workflows/rector-cs.yml@master with: php: '7.4' diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index 430255d..7534234 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -1,21 +1,17 @@ name: GitHub Actions Security Analysis with zizmor 🌈 on: - push: - branches: - - master - - main - paths: - - '.github/**.yml' - - '.github/**.yaml' pull_request: - paths: + paths: &paths - '.github/**.yml' - '.github/**.yaml' + push: + branches: ['master'] + paths: *paths permissions: - actions: read # Required by zizmor when reading workflow metadata through the API. - contents: read # Required to read workflow files. + actions: read # Required by zizmor when reading workflow metadata through the API + contents: read # Required to read workflow files jobs: zizmor: