From 98228e1f8c5a05f1fedc9f4da88311063f06be05 Mon Sep 17 00:00:00 2001
From: Reuel Albert <66895085+ReuelAlbert-Dev@users.noreply.github.com>
Date: Sun, 24 Aug 2025 11:05:39 +0800
Subject: [PATCH] Potential fix for code scanning alert no. 4: Workflow does
 not contain permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 .github/workflows/publish-pypi.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/publish-pypi.yml b/.github/workflows/publish-pypi.yml
index 0d9eb2de0..1961c9c83 100644
--- a/.github/workflows/publish-pypi.yml
+++ b/.github/workflows/publish-pypi.yml
@@ -31,6 +31,8 @@ jobs:
           path: dist/
 
   checks:
+    permissions:
+      contents: read
     uses: ./.github/workflows/shared.yml
 
   pypi-publish: