From 8867e6ece9e0cbdbd27b9debea46de34a775cea5 Mon Sep 17 00:00:00 2001
From: Ricardo Lopes <ricardoapl.dev@gmail.com>
Date: Wed, 22 May 2024 15:49:26 +0100
Subject: [PATCH] Restrict permissions for GITHUB_TOKEN

Signed-off-by: Ricardo Lopes <ricardoapl.dev@gmail.com>
---
 .github/workflows/openvex.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/workflows/openvex.yml b/.github/workflows/openvex.yml
index c76c425d38..8ca3945dca 100644
--- a/.github/workflows/openvex.yml
+++ b/.github/workflows/openvex.yml
@@ -4,6 +4,10 @@ on:
   workflow_dispatch:
   release:
     types: [published]
+
+permissions:
+  contents: read
+
 jobs:
   vexctl:
     runs-on: ubuntu-latest