Potential fix for code scanning alert no. 4: Workflow does not contain permissions (#9)

ppouchin · github-advanced-security[bot] · web-flow · commit 6982e5b606a5 · 2025-07-11T01:16:14.000+02:00
Co-authored-by: Copilot Autofix powered by AI &lt;62310815+github-advanced-security[bot]@users.noreply.github.com&gt;
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
@@ -5,6 +5,8 @@ on: [ push, pull_request ]
 jobs:
   test:
     runs-on : ubuntu-latest
+    permissions:
+      contents: read
     steps :
       - name: Checkout
         uses: actions/checkout@v4
@@ -46,6 +48,9 @@ jobs:
     if: ${{ github.event_name == 'push' && (github.ref == 'refs/heads/main' ||  startsWith(github.ref, 'refs/tags/')) }}
     needs: [ test ]
     runs-on : ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
     steps:
       - name: Checkout
         uses: actions/checkout@v4
