From ecfd7e0dfe9342f50592bedeaec8d6f785f5cf41 Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre.alapetite@alexandra.dk>
Date: Tue, 20 May 2025 09:44:33 +0200
Subject: [PATCH] Potential fix for code scanning alert no. 2: Workflow does
 not contain permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 .github/workflows/npm-publish.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml
index 73040d1..d74e4a9 100644
--- a/.github/workflows/npm-publish.yml
+++ b/.github/workflows/npm-publish.yml
@@ -3,6 +3,10 @@
 
 name: Node.js Package
 
+permissions:
+  contents: read
+  packages: write
+
 on:
   release:
     types: [created]