From f9e863af013a4e2b091eb906113e8eec85ce8d77 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bart=C5=82omiej=20Dach?= Date: Fri, 6 Mar 2026 11:54:44 +0100 Subject: [PATCH] Remove "copy labels from linked issues" github workflow (#36854) [It still doesn't work.](https://github.com/ppy/osu/actions/runs/22759488243/job/66012293202) Looking at the [job output](https://github.com/ppy/osu/actions/runs/22759488243/job/66012293202#step:1:21) it appears that the permissions of the `GITHUB_TOKEN` are *automatically* constrained to `read` even if you request more scopes. Would be nice if that was *actually documented* somewhere! Also given supply-chain attacks that people are running on github [via *issue titles* these days](https://grith.ai/blog/clinejection-when-your-ai-tool-installs-another) I'm not sure we want any automation near where it can reach code. Sure, much of the fault in the aforementioned attack was the fault of meatbags trusting clankers *WAY* too much, which is a mistake we *would not* do, but given everpresent software degradation *from unknown sources and for unknown reasons* let's not ~~COPILOT~~ *ahem* tempt fate... --- .../workflows/pull-request-copy-labels.yml | 20 ------------------- 1 file changed, 20 deletions(-) delete mode 100644 .github/workflows/pull-request-copy-labels.yml diff --git a/.github/workflows/pull-request-copy-labels.yml b/.github/workflows/pull-request-copy-labels.yml deleted file mode 100644 index a48a1ef974..0000000000 --- a/.github/workflows/pull-request-copy-labels.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: Copy labels from linked issues - -on: - pull_request: - types: [opened] - -permissions: - issues: write - pull-requests: write - contents: read - -jobs: - copy-labels: - runs-on: ubuntu-latest - name: Copy labels from linked issues - steps: - - name: Copy labels - uses: michalvankodev/copy-issue-labels@v1.3.0 - with: - repo-token: ${{ secrets.GITHUB_TOKEN }}