From c372c19eac0a2457a76f835f8259bf8d1256609c Mon Sep 17 00:00:00 2001 From: martinml <217925+martinml@users.noreply.github.com> Date: Thu, 17 Jul 2025 11:03:18 +0200 Subject: [PATCH] Principal -> Principle --- content/actions/reference/secure-use-reference.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/actions/reference/secure-use-reference.md b/content/actions/reference/secure-use-reference.md index 9a3632e21fc2..3f3586c25596 100644 --- a/content/actions/reference/secure-use-reference.md +++ b/content/actions/reference/secure-use-reference.md @@ -27,7 +27,7 @@ Find information about security best practices when you are writing workflows an Because there are multiple ways a secret value can be transformed, automatic redaction is not guaranteed. Adhere to the following best practices to limit risks associated with secrets. -* **Principal of least privilege** +* **Principle of least privilege** * Any user with write access to your repository has read access to all secrets configured in your repository. Therefore, you should ensure that the credentials being used within workflows have the least privileges required. * Actions can use the `GITHUB_TOKEN` by accessing it from the `github.token` context. For more information, see [AUTOTITLE](/actions/learn-github-actions/contexts#github-context). You should therefore make sure that the `GITHUB_TOKEN` is granted the minimum required permissions. It's good security practice to set the default permission for the `GITHUB_TOKEN` to read access only for repository contents. The permissions can then be increased, as required, for individual jobs within the workflow file. For more information, see [AUTOTITLE](/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token). * **Mask sensitive data**
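Review bot: The corrected bullet heading in the `@@ -27,7 +27,7 @@` hunk of content/actions/reference/secure-use-reference.md is the only occurrence this patch touches, so it is worth searching the rest of the docs for the string "Principal of least privilege" and folding any other hits into the same commit. The spelling fix itself is right: "principle" is the correct word for the least-privilege heading. The subject "Principal -> Principle" would also be easier to find in the log if it named the phrase or file, for example "Fix typo: Principle of least privilege in secure-use-reference".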