Skip to content

Prettify and random ordering of MIDIWeb-Hub sites, sort by name.#7

Merged
antiero merged 2 commits intomainfrom
featrure/prettifySorting
Mar 31, 2026
Merged

Prettify and random ordering of MIDIWeb-Hub sites, sort by name.#7
antiero merged 2 commits intomainfrom
featrure/prettifySorting

Conversation

@antiero
Copy link
Copy Markdown
Member

@antiero antiero commented Mar 31, 2026

No description provided.

github-advanced-security[bot]
github-advanced-security bot found potential problems Mar 31, 2026
View reviewed changes
github-advanced-security[bot]
github-advanced-security bot found potential problems Mar 31, 2026
View reviewed changes
.github/workflows/data-style.yml
Comment on lines +21 to +41
runs-on: ubuntu-latest

steps:
- name: Checkout
uses: actions/checkout@v4

- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: 20
cache: npm

- name: Install dependencies
run: npm ci

- name: Check src/data.ts formatting
run: |
npm run check:data || {
echo "::error title=src/data.ts formatting::Run 'npm run format:data', commit the updated src/data.ts, and push again."
exit 1
}

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 3 days ago

In general, the problem is fixed by explicitly declaring a minimal permissions: block in the workflow or job, instead of inheriting broad defaults. For a style/formatting check job that only needs to read the repository contents, we can safely restrict GITHUB_TOKEN to contents: read.

The best fix here is to add a workflow-level permissions: block right under the name: (or at least before jobs:). This will apply to all jobs that don’t override it. Given the current steps, the job only needs to check out code and install dependencies, so contents: read is sufficient. No functionality changes are introduced because none of the steps requires write permissions or access to other resources (issues, pull requests, packages, etc.).

Concretely, in .github/workflows/data-style.yml, insert:

permissions:
  contents: read

after line 1 (name: Validate data style) and before the on: block. No additional imports or methods are required, as this is a pure YAML configuration change.

Suggested changeset 1
.github/workflows/data-style.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/data-style.yml b/.github/workflows/data-style.yml
--- a/.github/workflows/data-style.yml
+++ b/.github/workflows/data-style.yml
@@ -1,5 +1,8 @@
 name: Validate data style
 
+permissions:
+  contents: read
+
 on:
   pull_request:
     paths:
EOF
@@ -1,5 +1,8 @@
name: Validate data style

permissions:
contents: read

on:
pull_request:
paths:
Copilot is powered by AI and may make mistakes. Always verify output.
@antiero antiero merged commit fee877b into main Mar 31, 2026
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@antiero @github-advanced-security