Actio
API ReferenceInterfaces

PermissionsConfig

Defined in: packages/core/src/config.ts:21

Granular permissions config. The string sugar ("off" | "infer" | "check") is equivalent to { mode }.

Properties

actions?

optional actions?: Record<string, Record<string, "read" | "write">>;

Defined in: packages/core/src/config.ts:29

Extend or override the bundled action -> required-scopes table. Keyed by owner/repo[/path] (no @ref); the value is a scope -> read|write map. A user entry always wins over the bundled default for that action.

inferRunScopes?

optional inferRunScopes?: boolean;

Defined in: packages/core/src/config.ts:35

Opt-in heuristic that maps gh/GITHUB_TOKEN usage inside a run: body to scopes (e.g. gh pr -> pull-requests: write). Default false: a token-using run: step instead marks the job unknown so it is never silently under-granted.

mode?

optional mode?: PermissionsMode;

Defined in: packages/core/src/config.ts:23

Policy mode. Default "off" (string form passes the mode directly).

Pass

Previous Page

PinConfig

Next Page

On this page

Propertiesactions?inferRunScopes?mode?