polymech/zeroclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
d1fffc3b74
zeroclaw/.github
History
Simian Astronaut 7 d1fffc3b74 fix(ci): scope release workflow permissions per-job 
Narrow workflow-level permissions to contents:read and grant
write access only to the specific jobs that need it (publish
gets contents:write, docker gets packages:write). Reduces blast
radius if a build step is compromised (P1 finding).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-10 01:09:51 -04:00
..
codeql Standardize security workflow and enhance CodeQL analysis (#479) 2026-02-17 00:10:46 -05:00
ISSUE_TEMPLATE Removing extraneous required fields from Github PRs 2026-03-07 21:39:31 -05:00
workflows fix(ci): scope release workflow permissions per-job 2026-03-10 01:09:51 -04:00
actionlint.yaml chore(ci): externalize workflow scripts and relocate main flow doc (#722) 2026-02-17 19:48:37 -05:00
CODEOWNERS Returning file to prior state 2026-03-07 22:05:49 -05:00
dependabot.yml chore: update .gitignore, CODEOWNERS, and dependabot configuration 2026-03-07 21:05:23 -05:00
label-policy.json ci(workflows): consolidate policy and rust workflow setup (#564) 2026-02-17 11:35:20 -05:00
labeler.yml docs: strengthen collaboration governance and AGENTS engineering protocol (#263) 2026-02-16 05:59:04 -05:00
pull_request_template.md chore: migrate to single master branch model and update maintainers 2026-03-06 13:01:32 -05:00