From a092f567b76770cedaea0e3e9a13c574584b4fcb Mon Sep 17 00:00:00 2001 From: Leonidas <77194479+LeonMueller-OneAndOnly@users.noreply.github.com> Date: Tue, 13 Jan 2026 16:53:30 +0100 Subject: fix(github): add persist-credentials: false to workflow templates (#8202) --- packages/web/src/content/docs/github.mdx | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) (limited to 'packages/web/src/content/docs/github.mdx') diff --git a/packages/web/src/content/docs/github.mdx b/packages/web/src/content/docs/github.mdx index 879914c74..6e8b9de4d 100644 --- a/packages/web/src/content/docs/github.mdx +++ b/packages/web/src/content/docs/github.mdx @@ -57,12 +57,13 @@ Or you can set it up manually. permissions: id-token: write steps: - - name: Checkout repository - uses: actions/checkout@v6 - with: - fetch-depth: 1 + - name: Checkout repository + uses: actions/checkout@v6 + with: + fetch-depth: 1 + persist-credentials: false - - name: Run OpenCode + - name: Run OpenCode uses: anomalyco/opencode/github@latest env: ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} @@ -135,6 +136,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v6 + with: + persist-credentials: false - name: Run OpenCode uses: anomalyco/opencode/github@latest @@ -172,6 +175,8 @@ jobs: issues: read steps: - uses: actions/checkout@v6 + with: + persist-credentials: false - uses: anomalyco/opencode/github@latest env: ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} @@ -223,6 +228,8 @@ jobs: - uses: actions/checkout@v6 if: steps.check.outputs.result == 'true' + with: + persist-credentials: false - uses: anomalyco/opencode/github@latest if: steps.check.outputs.result == 'true' -- cgit v1.2.3