read-all permission should not be used.
❌
name: test
jobs:
foo:
runs-on: ubuntu-latest
permissions: read-all # Don't use read-all
steps:
- run: echo foo⭕
name: test
jobs:
foo:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- run: echo fooFor least privilege. You should grant only necessary permissions.