From 5ba865c04a0d689da087612f40249b9e3b67c61a Mon Sep 17 00:00:00 2001 From: Andrey Babushkin Date: Wed, 13 Nov 2024 19:46:16 +0000 Subject: [PATCH] Grammar and formatting fixes --- docs/dev/ci/github_actions/security.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/dev/ci/github_actions/security.md b/docs/dev/ci/github_actions/security.md index ce1fd88773de12..d46cf6fd865c41 100644 --- a/docs/dev/ci/github_actions/security.md +++ b/docs/dev/ci/github_actions/security.md @@ -4,7 +4,7 @@ There are a few simple steps that we should follow to ensure our workflows are n ## Adjust `GITHUB_TOKEN` permissions -Use the “permissions” key to make sure the GITHUB_TOKEN is configured with the least privileges for each job. +Use the `permissions` key to make sure the `GITHUB_TOKEN` is configured with the least privileges for each job. Start with relatively safe permissions: @@ -69,11 +69,11 @@ jobs: ## Handle secrets correctly -**Never ever** use plain-text secrets hard-coded in GitHub Actions Workflow. If you need to use secrets, contact a member of OpenVINO GitHub Actions task force first. +**Never ever** use plain-text secrets hard-coded in GitHub Actions Workflow. If you need to use secrets, contact a member of the OpenVINO GitHub Actions task force first. ## Be careful with user input. -Most of GitHub context variables propagated from user input. That means they should be treated as an untrusted and potentially malitious. There are some tactics you can use to mitigate the risk: +Most of GitHub context variables propagated from user input. That means they should be treated as an untrusted and potentially malicious. There are some tactics you can use to mitigate the risk: - Instead of using inline scripts, create an action and pass the variable as an argument - Put the value into an environment variable for the step, and use the variable in the script