CodeQL flagged the workflow as missing an explicit permissions declaration (security/code-scanning/61). All jobs are read-only (checkout, install, build, test) — contents: read is sufficient. Matches the workflow-level pattern already used in coverage.yml. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| scripts | ||
| workflows | ||
| copilot-instructions.md | ||