From eb1d171493aa498ed267366bd47673d131ea5e3e Mon Sep 17 00:00:00 2001 From: Steven Date: Mon, 1 Sep 2025 11:37:07 +0200 Subject: [PATCH] feat: restrict workflow permissions to PoLP (principle of least privilege) Discovered by Code scanning alert no. 6: Workflow does not contain permissions (#78) Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 33824a1..b668c81 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -8,6 +8,8 @@ # - Running a final integration check name: CI +permissions: + contents: read on: push: