chore(ci): Maximize CI/CD values (Dependabot & Permissions) #13

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged

hyperpolymath merged 3 commits into main from chore/cicd-optimizations

Mar 19, 2026

Merged

chore(ci): Maximize CI/CD values (Dependabot & Permissions) #13

fix(scorecard): enforce granular permissions and add fuzzing placeholder

SonarQubeCloud / SonarCloud Code Analysis failed Mar 18, 2026 in 18s

Quality Gate failed

Failed conditions
C Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

Annotations

Check warning on line 11 in .github/workflows/secret-scanner.yml

sonarqubecloud / SonarCloud Code Analysis

Move this read permission from workflow level to job level.

See more on https://sonarcloud.io/project/issues?id=hyperpolymath_aerie&issues=AZ0C5jp2X7DOvjq5tS7R&open=AZ0C5jp2X7DOvjq5tS7R&pullRequest=13

Check warning on line 13 in .github/workflows/scorecard-enforcer.yml

sonarqubecloud / SonarCloud Code Analysis

Move this read permission from workflow level to job level.

See more on https://sonarcloud.io/project/issues?id=hyperpolymath_aerie&issues=AZ0C5jqRX7DOvjq5tS7S&open=AZ0C5jqRX7DOvjq5tS7S&pullRequest=13

Check warning on line 11 in .github/workflows/mirror.yml

sonarqubecloud / SonarCloud Code Analysis

Move this read permission from workflow level to job level.

See more on https://sonarcloud.io/project/issues?id=hyperpolymath_aerie&issues=AZ0C5jm_X7DOvjq5tS7Q&open=AZ0C5jm_X7DOvjq5tS7Q&pullRequest=13

View more details on SonarQubeCloud