From 0db985fdb874c76967c2ee26000f2a9b61b53a96 Mon Sep 17 00:00:00 2001
From: Marco Pasqualetti <24919330+marcalexiei@users.noreply.github.com>
Date: Thu, 19 Sep 2024 12:50:30 +0200
Subject: [PATCH] Add warning about required actions permissions on README.md

---
 README.md | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index cc7f703b..2fa3f0b3 100644
--- a/README.md
+++ b/README.md
@@ -19,7 +19,27 @@ This action for [Changesets](https://github.com/atlassian/changesets) creates a
 - published - A boolean value to indicate whether a publishing has happened or not
 - publishedPackages - A JSON array to present the published packages. The format is `[{"name": "@xx/xx", "version": "1.2.0"}, {"name": "@xx/xy", "version": "0.8.9"}]`
 
-### Example workflow:
+### Example workflows
+
+> [!WARNING]
+>
+> Before run one of the following workflows be sure that the `GITHUB_TOKEN` has the permission to access the repository contents and create a PR
+>
+> - Go into [repository Action settings](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository)
+>
+> - Under "Workflow permissions" section, enable "Allow GitHub Actions to create and approve pull requests"
+>
+> - Now you should grant write permission, you can do this by
+>
+>   1. [Using `permissions` key in the workflow file](https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#permissions)
+>
+>       ```yml
+>       permissions:
+>         contents: write
+>         pull-requests: write
+>       ```
+>
+>   2. selecting "Read and write permissions" in the same section
 
 #### Without Publishing
 
@@ -105,7 +125,7 @@ jobs:
 
 By default the GitHub Action creates a `.npmrc` file with the following content:
 
-```
+```text
 //registry.npmjs.org/:_authToken=${process.env.NPM_TOKEN}
 ```