actions/download-artifact
1
0
Fork 0
mirror of https://code.forgejo.org/actions/download-artifact synced 2025-06-08 04:58:20 +02:00
Code Activity

Merge 86f43ed3c7 into d3f86a106a

Browse source
This commit is contained in:
Kylie Stradley 2025-04-24 13:03:27 -07:00 committed by GitHub
commit 3c0e1a113a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 7 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

7
README.md
View file

@ -277,3 +277,10 @@ If you must preserve permissions, you can `tar` all of your files together befor
name: my-artifact name: my-artifact
path: my_files.tar path: my_files.tar
``` ```
# Recommended Permissions
The `actions/download-artifact` workflow relies on an internal authentication pattern and does not use the GITHUB_TOKEN, to reduce risk of over-privileged token, jobs that use `actions/download-artifact` should set permissions to none:
```yaml
perm