Add explicit permissions to GitHub Actions workflow

mraible · mraible · commit 2abbe14341e5 · 2025-09-17T21:38:03.000-07:00
Resolves CodeQL security alert by restricting GITHUB_TOKEN to contents:read only
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -1,6 +1,9 @@
 name: Sample CI
 on: [ push, pull_request ]
 
+permissions:
+  contents: read
+
 jobs:
   build:
     name: Build and Test
