From 3bcedb715b92095899faea99ec0fc610eaf125c5 Mon Sep 17 00:00:00 2001 From: Anne Mirasol Date: Mon, 13 Apr 2026 15:45:38 -0500 Subject: [PATCH] SECZ-4346: add workflow permissions --- .github/workflows/main.yml | 3 +++ .github/workflows/release.yml | 5 +++++ 2 files changed, 8 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 605e1eaa..4efa2980 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -11,6 +11,9 @@ on: branches: - master +permissions: + contents: read + jobs: test: runs-on: ubuntu-latest diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2e6deae7..3902d1b5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,6 +6,9 @@ on: tags: - '*' +permissions: + contents: read + jobs: test: runs-on: ubuntu-latest @@ -30,6 +33,8 @@ jobs: release: runs-on: ubuntu-latest needs: [ test ] + permissions: + contents: write steps: - name: Checkout uses: actions/checkout@v2