Try to fix security issues on GitHub workflows (#4727)

rzuckerm · web-flow · commit f521a160601a · 2025-05-12T19:42:04.000-05:00
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -11,6 +11,10 @@
 #
 name: "CodeQL"
 
+permissions:
+  contents: read
+  security-events: write
+
 on:
   push:
     branches: [ main ]
diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
@@ -1,5 +1,9 @@
 name: Documentation
 
+permissions:
+  contents: read
+  actions: write
+
 on:
   push:
     branches:
diff --git a/.github/workflows/greetings.yml b/.github/workflows/greetings.yml
@@ -1,5 +1,9 @@
 name: Greetings
 
+permissions:
+  issues: read
+  pull-requests: write
+
 on: [pull_request_target, issues]
 
 jobs:
diff --git a/.github/workflows/readme.yml b/.github/workflows/readme.yml
@@ -2,6 +2,10 @@
 
 name: Ronbun
 
+permissions:
+  contents: write
+  pull-requests: write
+
 on: 
   push:
     branches:
diff --git a/.github/workflows/test-suite.yml b/.github/workflows/test-suite.yml
@@ -2,6 +2,9 @@
 
 name: Glotter
 
+permissions:
+  contents: read
+
 on:
   push:
     branches: [ main ]
