From b4c8dfd6b3212f5ce930223c637f693aa922a034 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?K=C3=A9vin=20Dunglas?= Date: Mon, 29 Jun 2026 14:02:15 +0200 Subject: [PATCH] ci: fix lint failures blocking main clang-format wants the empty while-loop body on its own line. zizmor's github-app audit (added in 1.26) flags create-github-app-token without explicit permission-* inputs; the release app only needs contents:write (commits, tags, refs, releases) and actions:write (gh workflow run dispatch of downstream builds). --- .github/workflows/release.yaml | 2 ++ frankenphp.c | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 9743d17ffb..2bf1dcddb6 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -49,6 +49,8 @@ jobs: with: app-id: ${{ vars.RELEASE_APP_ID }} private-key: ${{ secrets.RELEASE_APP_PRIVATE_KEY }} + permission-contents: write + permission-actions: write - uses: actions/checkout@v6 with: fetch-depth: 0 diff --git a/frankenphp.c b/frankenphp.c index 8ee0c04285..1b852e52c7 100644 --- a/frankenphp.c +++ b/frankenphp.c @@ -138,7 +138,8 @@ static void *frankenphp_parent_death_watcher(void *arg) { _exit(1); } struct kevent event; - while (kevent(kq, NULL, 0, &event, 1, NULL) < 0 && errno == EINTR); + while (kevent(kq, NULL, 0, &event, 1, NULL) < 0 && errno == EINTR) + ; _exit(1); } #endif