Merge branches 'security-fix-1' and 'security-fix-2'

* security-fix-1:
  Fix CWE-73 found in PR #37

* security-fix-2:
  Harden default permissions of GH actions ( - Fixes #39 - )

Author: reactive-firewall

.github/workflows/Labeler.yml

@@ -4,6 +4,9 @@ on:
     types: [opened, reopened]
     branches: [ master, stable ]
 
+# Declare default permissions as none.
+permissions: none
+
 jobs:
   triage:
     permissions:

.github/workflows/Tests.yml

@@ -7,6 +7,9 @@ on:
     tags:
       - v*
 
+# Declare default permissions as read only.
+permissions: read-all
+
 jobs:
   BUILD:
     if: github.repository == 'reactive-firewall/python-repo'

.github/workflows/codeql-analysis.yml

@@ -20,6 +20,9 @@ on:
   schedule:
     - cron: '17 5 * * 1'
 
+# Declare default permissions as read only.
+permissions: read-all
+
 jobs:
   analyze:
     name: Analyze

setup.py

@@ -28,13 +28,14 @@
 def readFile(filename):
 	"""Helper Function to read files"""
 	theResult = None
-	try:
-		with open(str("""./{}""").format(str(filename))) as f:
-			theResult = f.read()
-	except Exception:
-		theResult = str(
-			"""See https://github.com/reactive-firewall/python-repo/{}"""
-		).format(filename)
+	if filename in ("""README.md""", """LICENSE.md"""):
+		try:
+			with open(str("""./{}""").format(str(filename))) as f:
+				theResult = f.read()
+		except Exception:
+			theResult = str(
+				"""See https://github.com/reactive-firewall/python-repo/{}"""
+			).format(filename)
 	return theResult