build(ci): add permissions

[poolifier.git] / .github / workflows / ci.yml

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 1232df97a6d36f48780a333aae96090886798a10..268297a1e6b909d2d5a2c7a16d721b277ce99e3a 100644 (file)
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -7,11 +7,10 @@ on:
     types: [opened, synchronize, reopened]
   merge_group:
     branches: [master]
-  workflow_dispatch:
-    inputs:
-      withBenchmark:
-        description: 'With Benchmark?'
-        default: false
+
+permissions:
+  contents: read
+  checks: read
 
 jobs:
   build:
@@ -60,11 +59,7 @@ jobs:
 
       - name: Sonar Code Analysis
         if: ${{ github.repository == 'poolifier/poolifier' && matrix.os == 'ubuntu-latest' && matrix.node == '18.x' }}
-        uses: sonarsource/sonarcloud-github-action@v2.0.0
+        uses: sonarsource/sonarcloud-github-action@v2.0.1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-
-      - name: Benchmark
-        if: github.event.inputs.withBenchmark
-        run: pnpm benchmark