-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dependabot workflows permissions #2260
Comments
This also affects our ability to create the changesets for the dependabot PRs as well |
@maschad @petertonysmith94 Do we know what the solution is here? There may be settings I could configure in the repo. As I mentioned in the last sync, we must address all those dependabot PRs to clear the clutter. |
@arboleya is there a Dependabot Secrets tab? |
@arboleya let's pair on this to resolve it. |
@petertonysmith94 the dependabot PRs don't need to report coverage tbh, so we may not need to add permissions, let's as we could just disable that step for dependabot PRs |
@maschad does it not require the permissions for the create-changeset job? |
That job is completed by the Github bot and so it shouldn't to the best of my knowledge, but otherwise yes we would need to add it to the secret as you suggested |
Dependabot workflows appear to run in a less privileged state (with read only permissions).
This is causing issues where the coverage report can't be posted.
Dependabot permissions
source
Standard CI permissions
source
Originally posted by @petertonysmith94 in #2259 (comment)
The text was updated successfully, but these errors were encountered: