Skip to content
This repository was archived by the owner on Feb 19, 2026. It is now read-only.

Commit a092f56

Browse files
LeonMueller-OneAndOnlyLeonMueller-OneAndOnly
authored
fix(github): add persist-credentials: false to workflow templates (anomalyco#8202)
1 parent 883a657 commit a092f56

File tree

3 files changed

+20
-10
lines changed

3 files changed

+20
-10
lines changed

github/README.md

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -81,12 +81,13 @@ This will walk you through installing the GitHub app, creating the workflow, and
8181
permissions:
8282
id-token: write
8383
steps:
84-
- name: Checkout repository
85-
uses: actions/checkout@v6
86-
with:
87-
fetch-depth: 1
84+
- name: Checkout repository
85+
uses: actions/checkout@v6
86+
with:
87+
fetch-depth: 1
88+
persist-credentials: false
8889

89-
- name: Run opencode
90+
- name: Run opencode
9091
uses: anomalyco/opencode/github@latest
9192
env:
9293
ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}

packages/opencode/src/cli/cmd/github.ts

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -394,6 +394,8 @@ jobs:
394394
steps:
395395
- name: Checkout repository
396396
uses: actions/checkout@v6
397+
with:
398+
persist-credentials: false
397399
398400
- name: Run opencode
399401
uses: anomalyco/opencode/github@latest${envStr}

packages/web/src/content/docs/github.mdx

Lines changed: 12 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -57,12 +57,13 @@ Or you can set it up manually.
5757
permissions:
5858
id-token: write
5959
steps:
60-
- name: Checkout repository
61-
uses: actions/checkout@v6
62-
with:
63-
fetch-depth: 1
60+
- name: Checkout repository
61+
uses: actions/checkout@v6
62+
with:
63+
fetch-depth: 1
64+
persist-credentials: false
6465

65-
- name: Run OpenCode
66+
- name: Run OpenCode
6667
uses: anomalyco/opencode/github@latest
6768
env:
6869
ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
@@ -135,6 +136,8 @@ jobs:
135136
steps:
136137
- name: Checkout repository
137138
uses: actions/checkout@v6
139+
with:
140+
persist-credentials: false
138141
139142
- name: Run OpenCode
140143
uses: anomalyco/opencode/github@latest
@@ -172,6 +175,8 @@ jobs:
172175
issues: read
173176
steps:
174177
- uses: actions/checkout@v6
178+
with:
179+
persist-credentials: false
175180
- uses: anomalyco/opencode/github@latest
176181
env:
177182
ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
@@ -223,6 +228,8 @@ jobs:
223228
224229
- uses: actions/checkout@v6
225230
if: steps.check.outputs.result == 'true'
231+
with:
232+
persist-credentials: false
226233
227234
- uses: anomalyco/opencode/github@latest
228235
if: steps.check.outputs.result == 'true'

0 commit comments

Comments
 (0)