Description
Checklist before filing an issue:
- Is this related to the
actions-rsActions? - I've read the Contributing section about feature requests: https://github.com/actions-rs/.github/blob/master/CONTRIBUTING.md#feature-requests
- Is this something you can debug and fix? Send a pull request! Bug fixes and documentation fixes are welcome.
Motivation
I would like for the default workflow yml to include permissions for the GITHUB_TOKEN it uses.
Without this, one might fear of giving too many permissions to this github action and as a result they won't use cargo audit (which in turn means that their audits will likely be absent, which I think is not good).
If we implement this, people might be more stusting to install this Action, and its usage will therefore grow.
Workflow example
I would like to set up something like this:
permissions:
issues: write
pull-requests: read
contents: readSo that GITHUB_TOKEN would have exactly the right it needs, which would in turn make me feel safer about using this Action/Workflow. I do not immediately know this list, however. The above one is random-guessed and might be invalid.
Additional context
See the full list of possible permissions: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions