René's URL Explorer Experiment

Title: Workflows are missing permissions requests · Issue #15462 · github/codeql · GitHub

Open Graph Title: Workflows are missing permissions requests · Issue #15462 · github/codeql

X Title: Workflows are missing permissions requests · Issue #15462 · github/codeql

Description: https://github.com/check-spelling-sandbox/codeql/actions/runs/7699091660/workflow https://github.com/check-spelling-sandbox/codeql/actions/runs/7699091660/job/20979906681#step:19:55 Post job cleanup. Warning: Debugging artifacts are unav...

Open Graph Description: https://github.com/check-spelling-sandbox/codeql/actions/runs/7699091660/workflow https://github.com/check-spelling-sandbox/codeql/actions/runs/7699091660/job/20979906681#step:19:55 Post job cleanu...

X Description: https://github.com/check-spelling-sandbox/codeql/actions/runs/7699091660/workflow https://github.com/check-spelling-sandbox/codeql/actions/runs/7699091660/job/20979906681#step:19:55 Post job cleanu...

Opengraph URL: https://github.com/github/codeql/issues/15462

X: @github

direct link

Domain: github.com

Hey, it has json ld scripts:

{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"Workflows are missing permissions requests","articleBody":"https://github.com/check-spelling-sandbox/codeql/actions/runs/7699091660/workflow\r\n\r\nhttps://github.com/check-spelling-sandbox/codeql/actions/runs/7699091660/job/20979906681#step:19:55\r\n\r\n```\r\nPost job cleanup.\r\nWarning: Debugging artifacts are unavailable since the 'init' Action failed before it could produce any.\r\nRequestError [HttpError]: Resource not accessible by integration\r\n    at /home/runner/work/_actions/github/codeql-action/v2/node_modules/@octokit/request/dist-node/index.js:86:21\r\n    at processTicksAndRejections (node:internal/process/task_queues:96:5)\r\n    at async requestWithGraphqlErrorHandling (/home/runner/work/_actions/github/codeql-action/v2/node_modules/@octokit/plugin-retry/dist-node/index.js:71:20)\r\n    at async Job.doExecute (/home/runner/work/_actions/github/codeql-action/v2/node_modules/bottleneck/light.js:405:18) {\r\n  status: 403,\r\n  response: {\r\n    url: 'https://api.github.com/repos/check-spelling-sandbox/codeql/code-scanning/analysis/status',\r\n    status: 403,\r\n    headers: {\r\n      'access-control-allow-origin': '*',\r\n      'access-control-expose-headers': 'ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset',\r\n      connection: 'close',\r\n      'content-encoding': 'gzip',\r\n      'content-security-policy': \"default-src 'none'\",\r\n      'content-type': 'application/json; charset=utf-8',\r\n      date: 'Mon, 29 Jan 2024 16:16:02 GMT',\r\n      'referrer-policy': 'origin-when-cross-origin, strict-origin-when-cross-origin',\r\n      server: 'GitHub.com',\r\n      'strict-transport-security': 'max-age=31536000; includeSubdomains; preload',\r\n      'transfer-encoding': 'chunked',\r\n      vary: 'Accept-Encoding, Accept, X-Requested-With',\r\n      'x-content-type-options': 'nosniff',\r\n      'x-frame-options': 'deny',\r\n      'x-github-api-version-selected': '2022-11-28',\r\n      'x-github-media-type': 'github.v3; format=json',\r\n      'x-github-request-id': '94E3:79CB:3878D:7311B:65B7CF42',\r\n      'x-ratelimit-limit': '1000',\r\n      'x-ratelimit-remaining': '961',\r\n      'x-ratelimit-reset': '1706548556',\r\n      'x-ratelimit-resource': 'core',\r\n      'x-ratelimit-used': '39',\r\n      'x-xss-protection': '0'\r\n    },\r\n    data: {\r\n      message: 'Resource not accessible by integration',\r\n      documentation_url: 'https://docs.github.com/rest'\r\n    }\r\n  },\r\n  request: {\r\n    method: 'PUT',\r\n    url: 'https://api.github.com/repos/check-spelling-sandbox/codeql/code-scanning/analysis/status',\r\n    headers: {\r\n      accept: 'application/vnd.github.v3+json',\r\n      'user-agent': 'CodeQL-Action/2.23.2 octokit-core.js/3.6.0 Node.js/16.20.2 (linux; x64)',\r\n      authorization: 'token [REDACTED]',\r\n      'content-type': 'application/json; charset=utf-8'\r\n    },\r\n    body: '{\"action_name\":\"init-post\",\"action_oid\":\"unknown\",\"action_ref\":\"v2\",\"action_started_at\":\"2024-01-29T16:16:02.392Z\",\"action_version\":\"2.23.2\",\"analysis_key\":\".github/workflows/ql-for-ql-dataset_measure.yml:measure\",\"commit_oid\":\"aeae208dc3291109d6c798179bb8944961348823\",\"job_name\":\"measure\",\"job_run_uuid\":\"75681a8a-17f0-4c74-b850-172cffab9a66\",\"ref\":\"refs/heads/main\",\"runner_available_disk_space_bytes\":31716970496,\"runner_os\":\"Linux\",\"runner_total_disk_space_bytes\":89297309696,\"started_at\":\"2024-01-29T16:16:01.614Z\",\"status\":\"success\",\"testing_environment\":\"\",\"workflow_name\":\"Collect database stats for QL for QL\",\"workflow_run_attempt\":1,\"workflow_run_id\":7699091660,\"completed_at\":\"2024-01-29T16:16:02.416Z\",\"matrix_vars\":\"{\\\\n  \\\\\"repo\\\\\": \\\\\"github/codeql\\\\\"\\\\n}\",\"runner_arch\":\"X64\",\"runner_image_version\":\"20240126.1.0\",\"job_status\":\"JOB_STATUS_UNKNOWN\"}',\r\n    request: { agent: [Agent], hook: [Function: bound bound register] }\r\n  }\r\n}\r\nError: Resource not accessible by integration\r\n```\r\n\r\nI presume that it needs:\r\n\r\n```\r\npermissions:\r\n  security-events: write\r\n```\r\n\r\nor similar, but this api isn't documented in https://docs.github.com/en/rest/authentication/permissions-required-for-github-apps?apiVersion=2022-11-28 so I have absolutely no idea.","author":{"url":"https://github.com/jsoref","@type":"Person","name":"jsoref"},"datePublished":"2024-01-29T17:47:23.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":13},"url":"https://github.com/15462/codeql/issues/15462"}

route-pattern	/_view_fragments/issues/show/:user_id/:repository/:id/issue_layout(.:format)
route-controller	voltron_issues_fragments
route-action	issue_layout
fetch-nonce	v2:c5c05253-2539-c73d-a18b-52ed861e614e
current-catalog-service-hash	81bb79d38c15960b92d99bca9288a9108c7a47b18f2423d0f6438c5b7bcd2114
request-id	D104:28F768:50757F:69E035:696B440D
html-safe-nonce	091b8cdf6f96aded85c2c8cc9ddd077f136facb11d10b741b056d5360dab5aac
visitor-payload	eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJEMTA0OjI4Rjc2ODo1MDc1N0Y6NjlFMDM1OjY5NkI0NDBEIiwidmlzaXRvcl9pZCI6IjE2NDA4NTUwODQyNjM0OTA1NzMiLCJyZWdpb25fZWRnZSI6ImlhZCIsInJlZ2lvbl9yZW5kZXIiOiJpYWQifQ==
visitor-hmac	eceef7232ae65f32ab0b81b5831685a3c4011bac905feeef86dd801fd55a650e
hovercard-subject-tag	issue:2106095199
github-keyboard-shortcuts	repository,issues,copilot
google-site-verification	Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-url	https://collector.github.com/github/collect
analytics-location	///voltron/issues_fragments/issue_layout
fb:app_id	1401488693436528
apple-itunes-app	app-id=1477376905, app-argument=https://github.com/_view_fragments/issues/show/github/codeql/15462/issue_layout
twitter:image	https://opengraph.githubassets.com/84aa77b35b4dc6fe4b1747eadfb1cad3bae45f5bf5b475208249b6684414c7cd/github/codeql/issues/15462
twitter:card	summary_large_image
og:image	https://opengraph.githubassets.com/84aa77b35b4dc6fe4b1747eadfb1cad3bae45f5bf5b475208249b6684414c7cd/github/codeql/issues/15462
og:image:alt	https://github.com/check-spelling-sandbox/codeql/actions/runs/7699091660/workflow https://github.com/check-spelling-sandbox/codeql/actions/runs/7699091660/job/20979906681#step:19:55 Post job cleanu...
og:image:width	1200
og:image:height	600
og:site_name	GitHub
og:type	object
og:author:username	jsoref
hostname	github.com
expected-hostname	github.com
None	5f99f7c1d70f01da5b93e5ca90303359738944d8ab470e396496262c66e60b8d
turbo-cache-control	no-preview
go-import	github.com/github/codeql git https://github.com/github/codeql.git
octolytics-dimension-user_id	9919
octolytics-dimension-user_login	github
octolytics-dimension-repository_id	143040428
octolytics-dimension-repository_nwo	github/codeql
octolytics-dimension-repository_public	true
octolytics-dimension-repository_is_fork	false
octolytics-dimension-repository_network_root_id	143040428
octolytics-dimension-repository_network_root_nwo	github/codeql
turbo-body-classes	logged-out env-production page-responsive
disable-turbo	false
browser-stats-url	https://api.github.com/_private/browser/stats
browser-errors-url	https://api.github.com/_private/browser/errors
release	82560a55c6b2054555076f46e683151ee28a19bc
ui-target	full
theme-color	#1e2327
color-scheme	light dark

Links:

Skip to content	https://github.com/github/codeql/issues/15462#start-of-content
	https://github.com/
Sign in	https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fgithub%2Fcodeql%2Fissues%2F15462
GitHub CopilotWrite better code with AI	https://github.com/features/copilot
GitHub SparkBuild and deploy intelligent apps	https://github.com/features/spark
GitHub ModelsManage and compare prompts	https://github.com/features/models
MCP RegistryNewIntegrate external tools	https://github.com/mcp
ActionsAutomate any workflow	https://github.com/features/actions
CodespacesInstant dev environments	https://github.com/features/codespaces
IssuesPlan and track work	https://github.com/features/issues
Code ReviewManage code changes	https://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilities	https://github.com/security/advanced-security
Code securitySecure your code as you build	https://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they start	https://github.com/security/advanced-security/secret-protection
Why GitHub	https://github.com/why-github
Documentation	https://docs.github.com
Blog	https://github.blog
Changelog	https://github.blog/changelog
Marketplace	https://github.com/marketplace
View all features	https://github.com/features
Enterprises	https://github.com/enterprise
Small and medium teams	https://github.com/team
Startups	https://github.com/enterprise/startups
Nonprofits	https://github.com/solutions/industry/nonprofits
App Modernization	https://github.com/solutions/use-case/app-modernization
DevSecOps	https://github.com/solutions/use-case/devsecops
DevOps	https://github.com/solutions/use-case/devops
CI/CD	https://github.com/solutions/use-case/ci-cd
View all use cases	https://github.com/solutions/use-case
Healthcare	https://github.com/solutions/industry/healthcare
Financial services	https://github.com/solutions/industry/financial-services
Manufacturing	https://github.com/solutions/industry/manufacturing
Government	https://github.com/solutions/industry/government
View all industries	https://github.com/solutions/industry
View all solutions	https://github.com/solutions
AI	https://github.com/resources/articles?topic=ai
Software Development	https://github.com/resources/articles?topic=software-development
DevOps	https://github.com/resources/articles?topic=devops
Security	https://github.com/resources/articles?topic=security
View all topics	https://github.com/resources/articles
Customer stories	https://github.com/customer-stories
Events & webinars	https://github.com/resources/events
Ebooks & reports	https://github.com/resources/whitepapers
Business insights	https://github.com/solutions/executive-insights
GitHub Skills	https://skills.github.com
Documentation	https://docs.github.com
Customer support	https://support.github.com
Community forum	https://github.com/orgs/community/discussions
Trust center	https://github.com/trust-center
Partners	https://github.com/partners
GitHub SponsorsFund open source developers	https://github.com/sponsors
Security Lab	https://securitylab.github.com
Maintainer Community	https://maintainers.github.com
Accelerator	https://github.com/accelerator
Archive Program	https://archiveprogram.github.com
Topics	https://github.com/topics
Trending	https://github.com/trending
Collections	https://github.com/collections
Enterprise platformAI-powered developer platform	https://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security features	https://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI features	https://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 support	https://github.com/premium-support
Pricing	https://github.com/pricing
Search syntax tips	https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentation	https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in	https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fgithub%2Fcodeql%2Fissues%2F15462
Sign up	https://github.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fvoltron%2Fissues_fragments%2Fissue_layout&source=header-repo&source_repo=github%2Fcodeql
Reload	https://github.com/github/codeql/issues/15462
Reload	https://github.com/github/codeql/issues/15462
Reload	https://github.com/github/codeql/issues/15462
github	https://github.com/github
codeql	https://github.com/github/codeql
Notifications	https://github.com/login?return_to=%2Fgithub%2Fcodeql
Fork 1.9k	https://github.com/login?return_to=%2Fgithub%2Fcodeql
Star 9.1k	https://github.com/login?return_to=%2Fgithub%2Fcodeql
Code	https://github.com/github/codeql
Issues 918	https://github.com/github/codeql/issues
Pull requests 368	https://github.com/github/codeql/pulls
Discussions	https://github.com/github/codeql/discussions
Actions	https://github.com/github/codeql/actions
Projects 0	https://github.com/github/codeql/projects
Models	https://github.com/github/codeql/models
Security Uh oh! There was an error while loading. Please reload this page.	https://github.com/github/codeql/security
Please reload this page	https://github.com/github/codeql/issues/15462
Insights	https://github.com/github/codeql/pulse
Code	https://github.com/github/codeql
Issues	https://github.com/github/codeql/issues
Pull requests	https://github.com/github/codeql/pulls
Discussions	https://github.com/github/codeql/discussions
Actions	https://github.com/github/codeql/actions
Projects	https://github.com/github/codeql/projects
Models	https://github.com/github/codeql/models
Security	https://github.com/github/codeql/security
Insights	https://github.com/github/codeql/pulse
New issue	https://github.com/login?return_to=https://github.com/github/codeql/issues/15462
New issue	https://github.com/login?return_to=https://github.com/github/codeql/issues/15462
Workflows are missing permissions requests	https://github.com/github/codeql/issues/15462#top
#15493	https://github.com/github/codeql/pull/15493
questionFurther information is requested	https://github.com/github/codeql/issues?q=state%3Aopen%20label%3A%22question%22
	https://github.com/jsoref
	https://github.com/jsoref
jsoref	https://github.com/jsoref
on Jan 29, 2024	https://github.com/github/codeql/issues/15462#issue-2106095199
https://github.com/check-spelling-sandbox/codeql/actions/runs/7699091660/workflow	https://github.com/check-spelling-sandbox/codeql/actions/runs/7699091660/workflow
https://github.com/check-spelling-sandbox/codeql/actions/runs/7699091660/job/20979906681#step:19:55	https://github.com/check-spelling-sandbox/codeql/actions/runs/7699091660/job/20979906681#step:19:55
https://docs.github.com/en/rest/authentication/permissions-required-for-github-apps?apiVersion=2022-11-28	https://docs.github.com/en/rest/authentication/permissions-required-for-github-apps?apiVersion=2022-11-28
questionFurther information is requested	https://github.com/github/codeql/issues?q=state%3Aopen%20label%3A%22question%22
	https://github.com
Terms	https://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacy	https://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Security	https://github.com/security
Status	https://www.githubstatus.com/
Community	https://github.community/
Docs	https://docs.github.com/
Contact	https://support.github.com?tags=dotcom-footer

Viewport: width=device-width

URLs of crawlers that visited me.