From 2656e29c2f9667ea44366bcf6aaf989c2b6a3d5c Mon Sep 17 00:00:00 2001 From: Sergei Predvoditelev Date: Sun, 12 Jul 2026 22:34:04 +0300 Subject: [PATCH] Cleanup GitHub workflows --- .github/workflows/rector-cs.yml | 2 ++ .github/workflows/zizmor.yml | 16 ++++++---------- 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/.github/workflows/rector-cs.yml b/.github/workflows/rector-cs.yml index d4003af..83e3649 100644 --- a/.github/workflows/rector-cs.yml +++ b/.github/workflows/rector-cs.yml @@ -19,6 +19,8 @@ concurrency: jobs: rector: + permissions: + contents: write # Required to commit automated Rector and CS fixes uses: yiisoft/actions/.github/workflows/rector-cs.yml@master with: php: '8.1' diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index 430255d..7534234 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -1,21 +1,17 @@ name: GitHub Actions Security Analysis with zizmor 🌈 on: - push: - branches: - - master - - main - paths: - - '.github/**.yml' - - '.github/**.yaml' pull_request: - paths: + paths: &paths - '.github/**.yml' - '.github/**.yaml' + push: + branches: ['master'] + paths: *paths permissions: - actions: read # Required by zizmor when reading workflow metadata through the API. - contents: read # Required to read workflow files. + actions: read # Required by zizmor when reading workflow metadata through the API + contents: read # Required to read workflow files jobs: zizmor: