mirror of
https://github.com/sripwoud/ts-template.git
synced 2026-01-08 21:18:18 -05:00
8f6b6f06cc
Potential fix for [https://github.com/sripwoud/ts-template/security/code-scanning/1](https://github.com/sripwoud/ts-template/security/code-scanning/1) To resolve this issue, add an explicit `permissions` block at the top level of the workflow (or for the single job), assigning only the minimal permissions needed. Since this workflow uses an action to check the PR title formatting and does not appear to need to write to the repo or PR (e.g., comment, label, merge), it likely only needs to read pull request metadata. Therefore, set `contents: read` and `pull-requests: read` for the workflow. Update `.github/workflows/semantic-pr.yml` by adding this block after the `name:` line and before the `on:` line. No additional imports or definitions are required. --- _Suggested fixes powered by Copilot Autofix. Review carefully before merging._ --------- Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
 |
TEMPLATE |
|---|
| Feature | With | Configuration File |
|---|---|---|
| Continuous Integration | GitHub Workflow | .github/workflows |
Conventional Commits (main branch only) |
convco | .convco |
Conventional PR Titles (because I only squash merge and base changelogs/semantic versioning on main commit history) |
amann/action-semantic-pull-request | semantic-pr.yml |
| Formatting | dprint | .dprint.jsonc |
| Git Hooks | hk | hk.pkl |
| Import Aliases | Typescript paths | tsconfig.json |
| Linting | Biome | .biome.jsonc |
| Runtime, Tests Runner | Bun | bunfig.toml |
| Tasks Runner, Environment & Runtime Management | mise | mise.toml |
| Typings | Typescript | tsconfig.json |
Develop
I use mise to manage runtimes, manage environment variables, and run tasks.
To install it and setup the repository:
./setup
To run tasks interactively:
mise run