Dependabot workflows permissions #2260
Comments
|
This also affects our ability to create the changesets for the dependabot PRs as well |
|
@maschad @petertonysmith94 Do we know what the solution is here? There may be settings I could configure in the repo. As I mentioned in the last sync, we must address all those dependabot PRs to clear the clutter. |
|
@arboleya is there a Dependabot Secrets tab? |
|
@arboleya let's pair on this to resolve it. |
|
@petertonysmith94 the dependabot PRs don't need to report coverage tbh, so we may not need to add permissions, let's as we could just disable that step for dependabot PRs |
|
@maschad does it not require the permissions for the create-changeset job? |
That job is completed by the Github bot and so it shouldn't to the best of my knowledge, but otherwise yes we would need to add it to the secret as you suggested |
Dependabot workflows appear to run in a less privileged state (with read only permissions).
This is causing issues where the coverage report can't be posted.
Dependabot permissions
source
Standard CI permissions
source
Originally posted by @petertonysmith94 in #2259 (comment)
The text was updated successfully, but these errors were encountered: