From 4a14d384c51ba0c8e6a2fb4dc8bf83d15cdec096 Mon Sep 17 00:00:00 2001
From: Sung Yoon Whang <sungyoon@uber.com>
Date: Tue, 21 Mar 2023 10:48:35 -0700
Subject: [PATCH] Minimize permissions to CI workflows (#103)

Set only read permission on CI workflows since they don't need write
access.
---
 .github/workflows/fossa.yaml | 3 +++
 .github/workflows/go.yml     | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/.github/workflows/fossa.yaml b/.github/workflows/fossa.yaml
index 86e6db7..01f3c67 100644
--- a/.github/workflows/fossa.yaml
+++ b/.github/workflows/fossa.yaml
@@ -1,6 +1,9 @@
 name: FOSSA Analysis
 on: push
 
+permissions:
+  contents: read
+
 jobs:
 
   build:
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index b7d35f5..2811b19 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -7,6 +7,9 @@ on:
   pull_request:
     branches: ['*']
 
+permissions:
+  contents: read
+
 jobs:
 
   build: