Merge pull request #1735 from Yamato-Security/fix-actions-permissions

YamatoSecurity · web-flow · commit 4ebff4a6bf04 · 2026-01-31T15:26:09.000+09:00
fix: add read permissions to GitHub actions workflow
diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml
@@ -1,5 +1,8 @@
 name: Integration Test
 
+permissions:
+  contents: read
+
 on:
   workflow_dispatch:
 
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -1,5 +1,8 @@
 name: Hayabusa Release Automation
 
+permissions:
+  contents: read
+
 on:
   workflow_dispatch:
     inputs:
diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
@@ -1,5 +1,8 @@
 name: Rust
 
+permissions:
+  contents: read
+
 on:
   pull_request:
     branches:
diff --git a/.github/workflows/timeline-diff.yml b/.github/workflows/timeline-diff.yml
@@ -1,5 +1,8 @@
 name: Check CSV timeline and JSON timeline Diff
 
+permissions:
+  contents: read
+
 on:
   workflow_dispatch:
 
