diff options
Diffstat (limited to 'nixpkgs/.github/workflows/labels.yml')
-rw-r--r-- | nixpkgs/.github/workflows/labels.yml | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/nixpkgs/.github/workflows/labels.yml b/nixpkgs/.github/workflows/labels.yml index c464f8bf58a9..5f949ddc56b1 100644 --- a/nixpkgs/.github/workflows/labels.yml +++ b/nixpkgs/.github/workflows/labels.yml @@ -4,6 +4,11 @@ on: pull_request_target: types: [edited, opened, synchronize, reopened] +# WARNING: +# When extending this action, be aware that $GITHUB_TOKEN allows some write +# access to the GitHub API. This means that it should not evaluate user input in +# a way that allows code injection. + permissions: contents: read pull-requests: write |