From d6ee613353283ca31ff171b4805bae2645ab582c Mon Sep 17 00:00:00 2001
From: itchyny <itchyny@cybozu.co.jp>
Date: Sun, 9 Apr 2023 12:19:53 +0900
Subject: [PATCH] specify minimum permission for the default token in workflows

---
 .github/workflows/ci.yaml      | 3 +++
 .github/workflows/release.yaml | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 4ecf920..dc76c7f 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -6,6 +6,9 @@ on:
     - main
   pull_request:
 
+permissions:
+  contents: read
+
 jobs:
   test:
     name: Test
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index a232aa3..19d94c2 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -5,6 +5,9 @@ on:
     tags:
     - 'v*'
 
+permissions:
+  contents: write
+
 jobs:
   release:
     name: Release