GITHUB_TOKEN replacement #27067
-
Hi! I want to replace the GITHUB_TOKEN for a more specific one and there is one thing I can’t understand. For the three actions that I am using, that require GITHUB_TOKEN, a token with only “public_repo” permission is enough, but “public_repo” does include main permissions in itself. Is there a way to specify even more or that’s the lowest level of specificity currently ? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
Options to restrict the
GitHub Actions: Control permissions for GITHUB_TOKEN | GitHub ChangelogGitHub Actions: Control permissions for GITHUB_TOKEN But even before that the |
Beta Was this translation helpful? Give feedback.
Options to restrict the
GITHUB_TOKEN
have been added recently:GitHub Actions: Control permissions for GITHUB_TOKEN | GitHub Changelog
GitHub Actions: Control permissions for GITHUB_TOKEN
But even before that the
GITHUB_TOKEN
was generally the safer choice, because it’s scoped to the repository. A PAT applies to everything you have access to.