commit | f5d4283825a986d5515c7cf58fada172d148e4da | [log] [tgz] |
---|---|---|
author | bazel.build machine account <15028808+bazel-io@users.noreply.github.com> | Wed Nov 08 12:00:30 2023 -0500 |
committer | GitHub <noreply@github.com> | Wed Nov 08 17:00:30 2023 +0000 |
tree | df3fb0d6d2c09d8fc680a4fd29fe4279f855ab14 | |
parent | ab0da80c4984ba7505b7ed98825969a75b72c007 [diff] |
[7.0.0] Add top-level permissions to cherry-picker and remove-labels.yml (#20113) Fixes #20086. As described in the issue, this PR adds read-only permissions to bazel's workflows that don't yet have them. This reduces the risk of supply-chain attacks via the project's CI/CD infrastructure. My understanding is that `cherry-picker.yml` does not require any additional permissions since everything done by `bazelbuild/continuous-integration/actions/cherry_picker` uses the declared `GH_TOKEN` instead of the workflow's default `GITHUB_TOKEN`. If I'm mistaken, let me know and I'll happy fix the PR. Closes #20087. Commit https://github.com/bazelbuild/bazel/commit/ba61ff7d2eb6ed697e12abe3688992e85c434b30 PiperOrigin-RevId: 580542813 Change-Id: Ib45164ea8d9c0aa583e91d316ad2b552f3c9b5b7 Co-authored-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
{Fast, Correct} - Choose two
Build and test software of any size, quickly and reliably.
Speed up your builds and tests: Bazel rebuilds only what is necessary. With advanced local and distributed caching, optimized dependency analysis and parallel execution, you get fast and incremental builds.
One tool, multiple languages: Build and test Java, C++, Android, iOS, Go, and a wide variety of other language platforms. Bazel runs on Windows, macOS, and Linux.
Scalable: Bazel helps you scale your organization, codebase, and continuous integration solution. It handles codebases of any size, in multiple repositories or a huge monorepo.
Extensible to your needs: Easily add support for new languages and platforms with Bazel's familiar extension language. Share and re-use language rules written by the growing Bazel community.
Follow our tutorials:
To report a security issue, please email security@bazel.build with a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue. Our vulnerability management team will respond within 3 working days of your email. If the issue is confirmed as a vulnerability, we will open a Security Advisory. This project follows a 90 day disclosure timeline.
See CONTRIBUTING.md