Skip to content

chore: rename sdk-actions to sdk-shared#1155

Merged
fadi-george merged 1 commit intomainfrom
fg/sdk-shared
Feb 11, 2026
Merged

chore: rename sdk-actions to sdk-shared#1155
fadi-george merged 1 commit intomainfrom
fg/sdk-shared

Conversation

@fadi-george
Copy link
Copy Markdown
Collaborator

@fadi-george fadi-george commented Feb 11, 2026
edited by niels-s
Loading

Summary

Update all GitHub workflow references from sdk-actions to sdk-shared to reflect the repo rename.

Made with Cursor

This change is Reviewable

@fadi-george @cursoragent
chore: rename sdk-actions references to sdk-shared
e499ae4 
Co-authored-by: Cursor <cursoragent@cursor.com>
@fadi-george fadi-george requested a review from a team as a code owner February 11, 2026 18:50
github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 11, 2026
View reviewed changes
.github/workflows/ci.yml
jobs:
call:
uses: OneSignal/sdk-actions/.github/workflows/wrapper-js-ci.yml@main
uses: OneSignal/sdk-shared/.github/workflows/wrapper-js-ci.yml@main

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}

Copilot Autofix

AI about 2 months ago

In general, to fix this issue you should explicitly define a permissions block for the workflow (at the top level) and/or for the specific job so that the GITHUB_TOKEN has only the minimal scopes required. When a workflow is primarily running checks and reuses another workflow, a safe minimal default is typically contents: read (and any other scopes required by the called workflow, if known). Since we must avoid changing functionality and we do not know of any write operations from this snippet, the safest non-breaking improvement is to define a read-only baseline at the workflow-root level so it applies to the reused workflow job.

Concretely, in .github/workflows/ci.yml, insert a permissions block between the on: section and the concurrency: section. Set contents: read, which is equivalent to the read-only default and therefore should not break existing behavior for a CI/checks workflow while satisfying the CodeQL requirement and documenting the intended minimal permissions. No imports or other definitions are needed; this is a pure YAML configuration change.

Suggested changeset 1
.github/workflows/ci.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -4,6 +4,9 @@
     branches:
       - '**'
 
+permissions:
+  contents: read
+
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
EOF
@@ -4,6 +4,9 @@
branches:
- '**'

permissions:
contents: read

concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
Copilot is powered by AI and may make mistakes. Always verify output.
@claude
Copy link
Copy Markdown

claude bot commented Feb 11, 2026

Code review

No issues found. Checked for bugs and CLAUDE.md compliance.

@fadi-george fadi-george merged commit c72d384 into main Feb 11, 2026
11 checks passed
@fadi-george fadi-george deleted the fg/sdk-shared branch February 11, 2026 19:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nan-li nan-li nan-li approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@fadi-george @nan-li @github-advanced-security