Last 12 weeks ยท 10 commits
4 of 6 standards met
Each of these workflows runs without a top-level block, so its inherits the repository (or org) default, which is frequently read/write for all scopes. Setting explicitly on keeps the workflow token scoped to what the job actually uses. If a third-party action or transitive dependency in the run were ever compromised, a read-only token limits the damage (no pushes, no releases, no token-backed writes). The change is mechanical and does not alter any step.
Repository: remix-run/examples. Description: A community-driven repository showcasing examples using Remix ๐ฟ Stars: 1215, Forks: 239. Primary language: TypeScript. Languages: TypeScript (76.6%), CSS (12.9%), JavaScript (9.9%), Dockerfile (0.4%), Shell (0.1%). License: MIT. Open PRs: 19, open issues: 16. Last activity: 4d ago. Community health: 62%. Top contributors: dependabot[bot], MichaelDeBoey, github-actions[bot], machour, mcansh, sergiodxa, markdalgleish, ryanflorence, chaance, ikorecky and others.