Grant granular permissions to workflows for better security measures (#189)

ig15 · web-flow · commit feb59e268c8f · 2025-05-20T17:39:20.000+05:30
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -1,5 +1,9 @@
 name: CI
 
+permissions:
+  contents: read
+  actions: write
+
 on:
   push:
     branches:
diff --git a/.github/workflows/notification.yml b/.github/workflows/notification.yml
@@ -2,13 +2,17 @@ name: GitHub Issue notifications
 
 on: [issue_comment,issues]
 
+
+permissions:
+  contents: read
+  issues: read
+
 env:
   ACTION_NAME: ${{ github.event.action }}
   EVENT_NAME: ${{ github.event_name }}
   ISSUE_NUMBER: ${{ github.event.issue.number }}
   ISSUE_TITLE: ${{ github.event.issue.title }}
 
-
 jobs:
   issue-notification:
     runs-on: ubuntu-latest
